Installing the certificate in java keystore

Below You find information how to import certificate to java keystore using keytool utility.

The default keystore for the certificate is:

To install the server certificate, you must use the keytool utility:



The initial password of the cacert keystore is changeit. System administrators should change that password and the default access permissions of that file after installing the SDK.

— import certificate:

-- help
server> /usr/sap/SID/J07/exe/sapjvm_8/bin/keytool -importcert -help
keytool -importcert [OPTION]...

Imports a certificate or a certificate chain


-noprompt do not prompt
-trustcacerts trust certificates from cacerts
-protected password through protected mechanism
-alias <alias> alias name of the entry to process
-file <filename> input file name
-keypass <arg> key password
-keystore <keystore> keystore name
-storepass <arg> keystore password
-storetype <storetype> keystore type
-providername <providername> provider name
-providerclass <providerclass> provider class name
-providerarg <arg> provider argument
-providerpath <pathlist> provider classpath
-v verbose output

Use "keytool -help" for all available commands

-- import certificate
server>/usr/sap/SID/J07/exe/sapjvm_8/bin/keytool -importcert -alias CERT_ALIAS -keystore /usr/sap/SID/J07/exe/sapjvm_8/jre/lib/security/cacerts -file /usr/sap/SID/J07/exe/sapjvm_8/jre/lib/security/MY_CERTIFICATE.crt -storepass changeit

Trust this certificate? [no]: yes
Certificate was added to keystore

Copyright © 2023. Privacy Policy