Skip to content

Import a Certificate into the Session Server's Truststore

When the session server attempts to make outbound secure connections to remote servers it verifies the identity of the remote server using the certificates in its truststore. Any certificate imported into this truststore will be trusted.

Information you must know:

  • keystore location -/etc/trustcerts.bcfks

  • keystore format - bcfks (Bouncy Castle FIPS)

  • default password - changeit

Using KeyStore Explorer

  1. Open trustcerts.bcfks using the password changeit.

  2. From the toolbar, select Import Trusted Certificate.

Using Java Keytool

From the sessionserver/etc directory:

   ../../java/bin/keytool -importcert -alias <import-cert> -trustcacerts -file <import-cert.cer> -keystore trustcerts.bcfks storetype bcfks -storepass changeit -providername BCFIPS -providerpath ../lib/bc-fips-*.jar -providerclass org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider