Add a self-generated SSL certificate to the list of trusted certificates


Usually Java only accepts SSL certificates that can be validated with one of the CA providers in JRE’s internal cacerts keystore.

The cacerts keystore is a file located at $JAVA_HOME/lib/security/cacerts

How to import a self generated SSL certificate

First, export the self-generated key 'mywebsite.com' to a file called mywebsite.com.cert on the server
keytool -export -keystore ~/mywebsite.com.keystore -alias mywebsite.com -file mywebsite.com.cert

Then download the cert file with FTP or SFTP to your local computer.

Finally, import the certificate 'mywebsite.com.cert' into a local cacerts keystore:
keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storetype jks -alias mywebsite.com -file ./mywebsite.com.cert

References

keytool export command ˆ
keytool import command ˆ

, , ,