Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Bash Commands to Export Cert and Import into Java Truststore

Command to export a cert from a website to a .cer file (example uses Tested with git-bash shell on Windows. Assume similar on Mac?

openssl s_client -servername -connect </dev/null 2>/dev/null | openssl x509 -inform PEM -outform DER -out

Command to import into local java truststore (use your own location of JAVA_HOME)

"$JAVA_HOME"/bin/keytool -keystore "$JAVA_HOME"/jre/lib/security/cacerts -importcert -alias -file

  • default java keystore password is changeit
  • if you get an update denied message, in Windows File Explorer set security on cacerts file to MODIFY for all Users (or chmod on linux)
  • if keytool is not found, define a JAVA_HOME environment variable (or replace $JAVA_HOME with the full path)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.