Importing a Root Certificate (Sun Java System Message Queue 3.7 UR1 Administration Guide)

Sun Java System Message Queue 3.7 UR1 Administration Guide

Previous: Configuring JSSE
Next: Configuring the Connection Factory

Importing a Root Certificate

If the root certificate of the CA who signed your Web server’s certificate is not in the trust database by default or if you are using a proprietary Web server/application server certificate, you must add that certificate to the trust database. If this is the case, follow the instruction below, otherwise go to Configuring the Connection Factory

Assuming that the certificate is saved in certFile and that trustStoreFile is your key store, run the following command:

JRE_HOME/bin/keytool -import -trustcacerts
 -alias aliasForCertificate -file certFile

-keystore trustStoreFile

Answer YES to the question: Trust this certificate?

You also need to specify the following JSSE properties using the -D option to the command that launches the client application:

javax.net.ssl.trustStore=trustStoreFile
javax.net.ssl.trustStorePassword=trustStorePasswd

Previous: Configuring JSSE
Next: Configuring the Connection Factory