Java SDK

The Deep Security Java SDK consists of the Java client library and source (JAR files), and several dependency JAR files. The client library enables you to use Java to interact with the API. If you would rather use the API directly via tools such as Postman and curl, you do not need the SDK.

For guidance on using the SDK, see First Steps Toward Deep Security Automation.

Get set up to use the Java SDK

Download and install

    1. Download the SDK ZIP file and unzip it.
    2. Add the deepsecurity-11.x.xxx.jar file to the classpath or build path of your Java project.
    3. Add the JAR files in the lib folder to the classpath or build path of your Java project.
    4. Install version 1.8 (or later) of the Java Development Kit.

Import self-signed certificates

Java prevents clients from making secure connections to untrusted servers. If the Deep Security Manager in your development environment uses the default self-signed certificate for establishing secure HTTP connections, you need to import the certificate to a local truststore. If you do not import the certificate, you cannot connect to the server.

The path of the default truststore of the JDK’s JRE is  JAVA_HOME/jre/lib/security/cacerts, and the default password is changeit. You can use a different truststore if you like.

  1. Open the Deep Security Manager console in your web browser.
  2. Use the browser to download the site’s certificate (see your browser documentation)
    • Chrome: Developer Tools > Security Tab > View Certificate > Details tab > Copy To File.
    • FireFox: Click the lock icon next to the URL > Secure Connection > More Information > View Certificate > Details > Export
    • Safari: Click the lock icon next to the URL > Drag the certificate icon to your desktop.
  3. Use keytool to import the certificate into your truststore (replace the alias and path placeholders with actual values):
    keytool -import -v -trustcacerts -alias <alias> -file <path to certificate file> -keystore <path to truststore>
  4. If you are not using the default truststore of the JRE, run your programs using the following JVM option (replace the path with the actual value):
    -Djavax.net.ssl.trustStore=<path to truststore>