You can create a trust store with keytool if you have a trusted public certificate.
Procedure
Acquire the public certificate for your server or the root CA certificate authority that signed the certificate.
A root CA is an entity like VeriSign that digitally signs your certificate. The certificate will be in a file with a special extension such as
.pem extension.
Use the JDK
keytool utility to create a keystore containing the certificate from
Step 1.
Record the values of the
keytool options because you must supply them when you upload the trust store keystore into TIBCO Configuration Tool or Administrator.