If you are unable to download the trusted Verisign certificate from http://www.sun.com/pki/certs/ca/, as described in Step 2 of How to Import a Trusted Certificate to Your Package Keystore, you can export the Root CA certificate from the Java keystore to a temporary file.
# keytool -export -storepass changeit -alias verisignclass2g2ca \ -keystore /usr/java/jre/lib/security/cacerts -file /tmp/root.crt Certificate stored in file </tmp/root.crt>
Exports the trusted certificate.
Specifies the password that protects the integrity of the Java keystore.
Identifies the alias of the trusted certificate.
Specifies the name and location of the keystore file.
Identifies the file in which to hold the exported certificate.
You are now ready to import the Root CA certificate from the temporary file to the package keystore. See the remaining steps in the section, How to Import a Trusted Certificate to Your Package Keystore, for instructions.