Installing the certificate in java keystore
Below You find information how to import certificate to java keystore using keytool utility.
The default keystore for the certificate is:
<JAVA_HOME>\lib\security\cacerts
To install the server certificate, you must use the keytool utility:
<JAVA_HOME>\bin\keytool
Remember:
The initial password of the cacert keystore is changeit. System administrators should change that password and the default access permissions of that file after installing the SDK.
— import certificate:
-- help
server> /usr/sap/SID/J07/exe/sapjvm_8/bin/keytool -importcert -help
keytool -importcert [OPTION]...
Imports a certificate or a certificate chain
Options:
-noprompt do not prompt
-trustcacerts trust certificates from cacerts
-protected password through protected mechanism
-alias <alias> alias name of the entry to process
-file <filename> input file name
-keypass <arg> key password
-keystore <keystore> keystore name
-storepass <arg> keystore password
-storetype <storetype> keystore type
-providername <providername> provider name
-providerclass <providerclass> provider class name
-providerarg <arg> provider argument
-providerpath <pathlist> provider classpath
-v verbose output
Use "keytool -help" for all available commands
-- import certificate
server>/usr/sap/SID/J07/exe/sapjvm_8/bin/keytool -importcert -alias CERT_ALIAS -keystore /usr/sap/SID/J07/exe/sapjvm_8/jre/lib/security/cacerts -file /usr/sap/SID/J07/exe/sapjvm_8/jre/lib/security/MY_CERTIFICATE.crt -storepass changeit
Trust this certificate? [no]: yes
Certificate was added to keystore