Creating a Trust Store Keystore

You can create a trust store with keytool if you have a trusted public certificate.

1. Acquire the public certificate for your server or the root CA certificate authority that signed the certificate.
   A root CA is an entity like VeriSign that digitally signs your certificate. The certificate will be in a file with a special extension such as .pem extension.
2. Use the JDK keytool utility to create a keystore containing the certificate from Step 1.

   JAVA_HOME\bin\keytool -import -v -trustcacerts -alias MyCert
   -file server.cer -keystore MyTrustStore.jks -keypass secret -storepass keystorePassword 
   

   Record the values of the keytool options because you must supply them when you upload the trust store keystore into TIBCO Configuration Tool or Administrator.