Configuring Java CAPS for SSL Support

Creating a TrustStore

For demonstration purposes, suppose you have the following CAs that you trust: firstCA.cert, secondCA.cert, thirdCA.cert, located in the directory C:\cascerts. You can create a new TrustStore consisting of these three trusted certificates.

ProcedureTo Create a New TrustStore

  1. Perform the following command.

    keytool -import -file C:\cascerts\firstCA.cert -alias firstCA -keystore myTrustStore
  2. Enter this command two more times, but for the second and third entries, substitute secondCA and thirdCA for firstCA. Each of these command entries has the following purposes:

    • The first entry creates a KeyStore file named myTrustStore in the current working directory and imports the firstCA certificate into the TrustStore with an alias of firstCA. The format of myTrustStore is JKS.

    • For the second entry, substitute secondCA to import the secondCA certificate into the TrustStore, myTrustStore.

    • For the third entry, substitute thirdCA to import the thirdCA certificate into the TrustStore.

    Once completed, myTrustStore is available to be used as the TrustStore for the adapter.