Adding Custom Certificate to an Application Specific Trusted Store

 Reference : 

https://help.zscaler.com/zia/adding-custom-certificate-application-specific-trusted-store#java

Java

To import a custom certificate for Java:

  1. Download the certificate bundle in DER format to the JAVA_HOME/bin directory using the keytool utility.

To convert a .crt certificate to DER format, use the command, openssl x509 -in <filename.pem> -inform pem -out <filename.der> -outform der

  1. Run the following keytool command for your certificate:
keytool  -import  -trustcacerts -alias <certAlias> -file <certFile> -keystore <trustStoreFile>

For example:

keytool  -import  -trustcacerts -alias zscalerrootca -file zscalerrootca.der -keystore $JAVA_HOME/jre/lib/security/cacerts
  1. You may be prompted to enter a password if you are running the tool for the first time.
  2. Enter yes to confirm.
  3. Verify if the certificate is imported successfully using the following keytool command:
keytool -list -v -keystore cacerts

To learn more about keytool commands, see Oracle documentation.

Comments

Post a Comment

Popular Posts