Creating a Trust Store Keystore

You can create a trust store with keytool if you have a trusted public certificate.

Procedure

  1. Acquire the public certificate for your server or the root CA certificate authority that signed the certificate.
    A root CA is an entity like VeriSign that digitally signs your certificate. The certificate will be in a file with a special extension such as .pem extension.
  2. Use the JDK keytool utility to create a keystore containing the certificate from step 1.
    JAVA_HOME\bin\keytool -import -v -trustcacerts -alias MyCert
    -file server.cer -keystore MyTrustStore.jks -keypass secret -storepass keystorePassword 
    
    Record the values of the keytool options because you must supply them when you upload the trust store keystore into TIBCO Configuration Tool or Administrator.