Importing SSL certificate into cacerts, via KeyStore Explorer

1. Download and install KeyStore Explorer

• Go to the official KeyStore Explorer website: https://keystore-explorer.org/;
• Download the latest version for your operating system;
• Install the program following the installer instructions.

2. Open the cacerts file

• Open KeyStore Explorer:
• Click on File > Open.
  • Navigate to your environment's cacerts file. The default path is: sua_jdklibsecuritycacerts;
  • Enter the keystore password. Default password is changeit.

3. Get the certificate
If you don't already have the certificate, follow these steps:

• Access the HTTPS endpoint website in the browser;
• Click the padlock next to the URL > Certificate > Export;
• Save the certificate in PEM (.crt) or DER (.cer) format.

4. Import the certificate

• In KeyStore Explorer, right-click on the blank area and select Import Trusted Certificate;
• Choose the saved certificate file (.crt or .cer format);
• Enter an alias to identify the certificate in the keystore;
• Click OK.

5. Save changes to cacert

• After importing the certificate, click File > Save to save changes to cacerts;
• Enter password again (changeit) to confirm.

6. Test the configuration

• Restart your application to ensure it loads the updated cacerts.

Tips and Care

• Before making any changes, create a backup copy of the original file;
• If you change the cacerts password, update any JVM settings that depend on it;
• Make sure the imported certificate is the correct one for the endpoint you want to access.

The above is the detailed content of Importing SSL certificate into cacerts, via KeyStore Explorer. For more information, please follow other related articles on the PHP Chinese website!