Importing Certificates into the JDK
In some cases it might be be necessary to import site certificates for the Primavera Data Service into the JDK. This process requires that you export the certificates from a browser and then import them to your JDK environment. Refer to the documentation for your browser to learn how to export certificates.
The Primavera Data Service requires three certificates which exist in a hierarchy. You must export all three certificates. You must import the certificates in the same hierarchical structure as they exist in the browser.
To import the certificates to your JDK environment:
Where:
- <JDK cacerts folder> is the full path to the \jre\lib\security\cacerts folder in your JDK home directory.
- <root certificate> is the full path and filename to the file you created from exporting the root certificate from the certificate hierarchy in your browser.
./keytool -import -alias oraclecloud_secondary -trustcacerts -keystore <JDK cacerts folder> -file <secondary certificate>
Where:
- <JDK cacerts folder> is the full path to the \jre\lib\security\cacerts folder in your JDK home directory.
- <secondary certificate> is the full path and filename to the file you created from exporting the second level certificate from the certificate hierarchy in your browser.
./keytool -import -alias oraclecloud_tertiary -keystore <JDK cacerts folder> -file <tertiary certificate>
Where:
- <JDK cacerts folder> is the full path to the \jre\lib\security\cacerts folder in your JDK home directory.
- <tertiary certificate> is the full path and filename to the file you created from exporting the lowest level certificate from the certificate hierarchy in your browser.