https://jugmac00.github.io/tags/java/Recent content in Java on Jürgen GmachHugo -- 0.127.0en-usTue, 06 Jul 2021 09:58:39 +0200https://jugmac00.github.io/til/how-to-patch-java-7-certificate-store-to-support-lets-encrypt/Tue, 06 Jul 2021 09:58:39 +0200https://jugmac00.github.io/til/how-to-patch-java-7-certificate-store-to-support-lets-encrypt/Do you have to support a very old Java application? Old as in only runs on 1.7.0_21-b11? And this application needs to access websites on servers using Let’s Encrypt? Especially after September 2021, when the widespread DST Root CA X3 certificate will expire? There is help. keytool to the rescue Oracle kindly provides keytool. With keytool you can view and manipulate the contents of the Java certificate store, which usually can be found at /lib/security/cacerts within in your Java runtime.https://jugmac00.github.io/til/how-to-configure-a-webserver-to-be-less-secure/Thu, 29 Apr 2021 11:43:48 +0200https://jugmac00.github.io/til/how-to-configure-a-webserver-to-be-less-secure/This question sounds odd. Why would you want a less secure web server? Well, maybe you have to support older clients. e.g. IE 11 on Windows 8.1 or Java 7 (cough) cannot connect to a web server, which only uses modern and secure ciphers. From a Java application, which cannot be updated, but has to work, I got the following exception: Exception in thread "main" javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at sun.