Exporting the Root CA Certificate From the Java Keystore
If you are unable to download the trusted Verisign certificate from http://www.sun.com/pki/certs/ca/, as described in Step 2 of How to Import a Trusted Certificate to Your Package Keystore, you can export the Root CA certificate from the Java keystore to a temporary file.
For example:
# keytool -export -storepass changeit -alias verisignclass2g2ca \ -keystore /usr/java/jre/lib/security/cacerts -file /tmp/root.crt Certificate stored in file </tmp/root.crt> |
- -export
-
Exports the trusted certificate.
- -storepass storepass
-
Specifies the password that protects the integrity of the Java keystore.
- -alias verisignclass2g2ca
-
Identifies the alias of the trusted certificate.
- -keystore certfile
-
Specifies the name and location of the keystore file.
- -file filename
-
Identifies the file in which to hold the exported certificate.
You are now ready to import the Root CA certificate from the temporary file to the package keystore. See the remaining steps in the section, How to Import a Trusted Certificate to Your Package Keystore, for instructions.
- © 2010, Oracle Corporation and/or its affiliates