Import the site's certificate into the cacerts.
Without proxy Java 11:
%JAVA11_HOME%/bin/keytool -delete -noprompt -alias <site> -storepass changeit -cacerts
%JAVA11_HOME%/bin/keytool -printcert -rfc -sslserver <site>:443 > %CERT_PATH%/<site>.pem
%JAVA11_HOME%/bin/keytool -importcert -file %CERT_PATH%/<site>.pem -alias <site> -storepass changeit -cacerts -noprompt
Without proxy Java 8:
%JAVA8_HOME%/bin/keytool -delete -noprompt -alias <site> -storepass changeit -trustcacerts
%JAVA8_HOME%/bin/keytool -printcert -rfc -sslserver <site>:443 > %CERT_PATH%/<site>.pem
%JAVA8_HOME%/bin/keytool -importcert -file %CERT_PATH%/<site>.pem -alias <site> -storepass changeit -trustcacerts -noprompt
With proxy Java 11:
%JAVA11_HOME%/bin/keytool -delete -noprompt -alias proxy-<site> -storepass changeit -cacerts
%JAVA11_HOME%/bin/keytool -J-Dhttps.proxyHost=<PROXY HOST> -J-Dhttps.proxyPort=<PROXY PORT> -printcert -rfc -sslserver <site>:443 > %CERT_PATH%/proxy-<site>.pem
%JAVA11_HOME%/bin/keytool -importcert -file %CERT_PATH%/proxy-<site>.pem -alias proxy-<site> -storepass changeit -cacerts -noprompt
With proxy Java 8:
%JAVA11_HOME%/bin/keytool -delete -noprompt -alias proxy-<site> -storepass changeit -trustcacerts
%JAVA11_HOME%/bin/keytool -J-Dhttps.proxyHost=<PROXY HOST> -J-Dhttps.proxyPort=<PROXY PORT> -printcert -rfc -sslserver <site>:443 > %CERT_PATH%/proxy-<site>.pem
%JAVA11_HOME%/bin/keytool -importcert -file %CERT_PATH%/proxy-<site>.pem -alias proxy-<site> -storepass changeit -trustcacerts -noprompt