Adding a Java SSL certificate on Mac OSX

I’m posting this mostly because I do it infrequently enough that I have to remember again each time I do.

If you get a bind error when trying to connect to an SSL-protected resource in Java, it may be because the server is using an unrecognized certificate or certificate authority. Generally it’s a self-signed certificate, but in my case, I use an LDAP server that despite having a commercial certificate, said certificate is signed by a CA that is not trusted by default in the JRE.

So here’s the fix:


Download this small standalone program:

In case that link is unavailable, the original source is widely available. Click here to google it.

Run it

Drop it in eclipse and go, or use the following commands to compile and run it manually:

java InstallCert <host>[:port] [passphrase]
# My example looks like this:
java InstallCert

You should be presented with information about the certificate it finds on the server. Answer the prompt to save the certificate.

The program will exit, and you’ll have a new file in the current directory called “jssecacerts”.

Install the jssecacerts file

Now you need to copy this file to:


If you’re on a Mac, fear not if $JAVA_HOME is undefined. You can find it by running this program:


Even better, put the following line into your ~/.bash_profile for next time:

export JAVA_HOME=$(/usr/libexec/java_home)

With that done it’s a simple matter of moving the file:

sudo cp jssecacerts $JAVA_HOME/lib/security/jssecacerts

Now re-try your failed connection, and you should be able to connect.

I love your comments. Don't be shy, reply!

There are 3 replies to “Adding a Java SSL certificate on Mac OSX

    1. sebastian Post author

      Hi Adam, are you referring to the program? I would use Eclipse (or your IDE of choice) to run it, assuming you have a development environment. If you don’t have an IDE but need to run the program, look above for instructions on compiling it and running it in a terminal window.


Leave a Reply

Your email address will not be published. Required fields are marked *

The "are you a human" quiz *