• Object Storage Service

obs
  1. Help Center
  2. Object Storage Service
  3. Developer Guide (Java SDK)
  4. Initialization
  5. Configuring Server-Side Certificate Verification

Configuring Server-Side Certificate Verification

OBS Java SDK supports server-side certificate verification to ensure that OBS is provided by trusted servers. The following details how to configure server certificate verification in Windows. (In Linux, replace %JAVA_HOME% with $JAVA_HOME.)

NOTE:

If the root certificate on the OBS server is issued by an authoritative CA, skip steps 1 to 3. (Root certificates issued by authoritative CAs are in the certificate library of JDK.)

  1. Obtain the root certificate of the OBS server (for example, open Internet Explorer and choose Internet Options > Content > Certificates to export the certificate) and save it by the name of obs.cer.
  2. Run the %JAVA_HOME%/bin/keytool -import -alias obs -file obs.cer -storepass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts command to import the certificate.
  3. Run the %JAVA_HOME%/bin/keytool -list -v -alias obs -storepass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts command to view whether the certificate is successfully imported.
  4. Set the OBS server to use HTTPS (ObsConfiguration.setHttpsOnly(true)) and enable server certificate verification (ObsConfiguration.setValidateCertificate(true)).