129

Using some batch file, I want to add the untrusted self signed certificate within Java Keystore.

Command is

%JAVA_HOME%/bin/keytool -import -v -trustcacerts -alias server-alias
-file server.cer -keystore cacerts.jks -keypass changeit -storepass changeit

After running above command, the screen promts for Trust of certificate using Y/N.

Trust this certificate? [no]:

But I don't want to provide Y/N here.

Is there a way to complete the import using a single command or some additional import switch if any?

Dharman
  • 30,962
  • 25
  • 85
  • 135
Arun Kumar
  • 6,534
  • 13
  • 40
  • 67
  • 6
    ^^ Personally, I would consider a succinct answer on here preferable to wading through documentation. Perhaps the original questioner read the docs and missed it.. – ticktockhouse Aug 09 '17 at 16:06

2 Answers2

235

The option -noprompt doesn't prompt the input Y/N from a user and assumes yes.

More details can found by running command keytool -importcert -help on terminal.

Jacek Laskowski
  • 72,696
  • 27
  • 242
  • 420
Arun Kumar
  • 6,534
  • 13
  • 40
  • 67
  • 1
    well correct, but the help is not very informative, it tells only "-noprompt: do not prompt" not telling what to prompt for. If the password is omitted it should fail, not prompt for password. – user1708042 May 09 '22 at 14:20
0

As such, keytool is most likely looking for "yes" in your locale ("si" in this case).

Carlos
  • 27
  • 1