1

Can someone please help with the below query?

Is there a way to add an intermediate certificate to the file trusted.certs file at C:\Windows\Sun\Java\Deployment via command prompt?

The file trusted.certs is updated whenever a certificate is imported via the java control panel. This is a manual process.

Is there a way to add the trusted intermediate certificate to trusted.certs via a script?

enter image description here

In the picture above, whatever intermediate certificates are in trusted.certs at this location C:\Windows\Sun\Java\Deployment show up under System Trusted Certificates on the java control panel (Security tab->certificates)

For example suppose I have trusted intermediate certificate say C.cert and I would like to add this to trusted.certs file at C:\Windows\Sun\Java\Deployment via a script or a command so that it is displayed under System certificates in the java control panel. How this can be achieved?

Improve this question
4
  • Why is the import button disabled?
    – Ramhound
    Commented Feb 21, 2019 at 0:54
  • @Ramhound user not setup as admin probably.
    – Nishant
    Commented Feb 21, 2019 at 1:15
  • Your going to go resolve that issue before you can run any command in a elevated command prompt
    – Ramhound
    Commented Feb 21, 2019 at 1:23
  • Thank you @Ramhound When i update the trusted.certs file at C:\Windows\Sun\Java\Deployment, the certificates show up in the system certificates. I have full permissions on the file trusted.certs. What I am after is a way to add an intermediate certificate to 'trusted.certs' via command/script. If the certificate is added to that file, it will automatically show up in under the System trusted certificates. I have admin rights to run commands.
    – Nishant
    Commented Feb 21, 2019 at 1:43

1 Answer 1

Reset to default
2

Is there a way to add the trusted intermediate certificate to trusted.certs via a script?

You can use key tool to accomplish this. The following command would import test.cer into the certificate store.

keytool -import -keystore cacerts -file -noprompt test.cer

or to the truststore:

keytool -noprompt -importcert -alias mycert -file mycert.cer -keystore truststore

Source:

Improve this answer
3
  • Thanks Ramhound. But what about the trusted.certs file at this location - C:\Windows\Sun\Java\Deployment?
    – Nishant
    Commented Feb 21, 2019 at 2:47
  • 1
    You would substitute -keystore with -truststore
    – Ramhound
    Commented Feb 21, 2019 at 3:20
  • the updated truststore file needs to be copied to the Deployment folder for the certificate to show up in the java control panel under System trusted certificate. After this, a few other popups appeared when the application was run on jre8. I had to create DeploymentRuleSet.jar sign it and copy it to Deployment folder as above. All my issues seem to be resolved now. Thanks Ramhound for your time in helping me out :-)
    – Nishant
    Commented Feb 22, 2019 at 10:28

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .