DigiCert KnowledgeBase - Technical Support-hero

Knowledge Base

Importing Digicert PKI CA Certificates Into Java CA Certificates Keystore

Solution ID : GN130820150512
Last Modified : 06/13/2024

Prior to testing certificate issuance and other account operations using requests to the Digicert PKI Platform SOAP API, the PKI Platform CA certificates need to be imported to the Java trusted certificates store on the system using keytool.


Using the relevant CA Trust Store keystore attached below, the following command can be run from a command prompt window to import the keystore into Java’s trusted certificates store: 

keytool –importkeystore –srckeystore [path\to\catruststore.jks]-destkeystore $JAVA_HOME/jre/lib/security/cacerts

Note: For these commands, the path may be different depending on where Java is installed.


To confirm that the import was successful, the contents of the CA certificates keystore can be viewed by running a list command as follows:

keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts

Note: Be sure to select the correct CA certificates keystore below based on your account type (either Test Drive, Production, or Partner PKI) to import the relevant CA certificates to be trusted on your system. Once the CA certificates have been imported into Java’s trust store, any applications that use this trust store, such as SoapUI, will trust the Digicert PKI CA certificates as well.