javamacosssl-certificatescribetruststore

How to set up Java VM to use the root certificates (truststore) handled by Mac OS X


I get the following exception while using the scribe OAuth library.

Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Based on some googling it seems I should set up the JVM truststore somehow.

Why do I need to do this? How can I instruct the Java VM to use the default truststore of the os? (Mac OS X in my case).


Solution

  • I can setup the default truststore by adding this system propery when launching the VM:

    -Djavax.net.ssl.trustStore=/Library/Java/Home/lib/security/cacerts
    

    I still don't understand why do I need to do this. This should be the default. It's also very annoying to add this every time. Is there a better way, e.g. some OS settings?