HTTPS/SSL/TLS certificates are a critical part of securing the Internet. For a long time Java developers were fortunate that they only needed a cursory understanding of certificates. But recently with additions of new Certificate Authorities (CA), deprecation of protocols and ciphers as well as the changes to default protocol configurations in Java 8 it has become more important to understand and be able to debug HTTPS certificate issues.

This session will provide Java developers with a primer on HTTPS certificates architecture and configurations. It will explain common problems that Java developers may experience and how to debug them from a Java context. It will show you how to pin certificates as well as load CA certificates. It will also demonstrate how to create self-signed certificates so Java developers can test web applications locally over HTTPS.


Christopher Judd is the CTO and a partner at Manifest Solutions (http://www.manifestcorp.com), an international speaker, an open source evangelist, the Central Ohio Java Users Group (http://www.cojug.org) and Columbus iPhone Developer User Group leader, and the co-author of Beginning Groovy and Grails (Apress, 2008), Enterprise Java Development on a Budget (Apress, 2003) and Pro Eclipse JST (Apress, 2005) as well as the author of the children’s book “Bearable Moments”. He has spent 20 years architecting and developing software for Fortune 500 companies in various industries, including insurance, health care, retail, government, manufacturing, service, and transportation. His current focus is on consulting, mentoring, and training with Java, Java EE, Groovy, Grails, Cloud Computing and mobile platforms like iPhone, Android, Java ME and mobile web.