How to Import Signed Certificate into Java Keystore

Sharing is caring!


In this short blog post, I will explain how to import certificate into Java Keystore. This steps is useful whenever you need to access HTTPS from JVM.

Export the certificate from your browser as a binary file

You can take the certificate via browser by doing something like this:

  • Browse to your application server using SSL.
  • Inspect Certificate
  • Export certificate
  • Ideally export it with the certificate with chain (this option is available with Firefox, maybe with other browsers too).
  • Formats crt or der should be fine.

Import the certificate to your Java store

Run this following command replacing the path to the JRE if needed (typically the following address is the default you should have in a linux environment).

A couple of notes while importing certificate:

Super User Required

You should run the above command as root or with sudo access, otherwise you most likely won’t have access to modify the cacerts file. 

Default Password

Use the default password: changeit

Remove from Keystore

Check Whether Certificate is Installed


That’s all for today. Now you can access the https protocol via JVM. And apologize for very short post, because I am in the very tight deadline until end of year.

Author: ru rocker

I have been a professional software developer since 2004. Java, Python, NodeJS, and Go-lang are my favorite programming languages. I also have an interest in DevOps. I hold professional certifications: SCJP, SCWCD, PSM 1, AWS Solution Architect Associate, and AWS Solution Architect Professional.

Leave a Reply

Your email address will not be published. Required fields are marked *