Please make sure you download the (default) PKCS#7 format certificate and import this into your keystore. JDK prefers this format, which contains a complete certificate chain and which includes your certificate, as well as the Signer's certificate (Root CA certificate).
Alternatively to resolve this issue, download and install the Thawte Intermediate Certificate Authority (CA) Certificate.
Step 1: Download the Intermediate CA Certificate
To download Intermediate CA Certificate, refer to our Thawte knowledge base article: INFO1384.
Step 2: Import the Intermediate CA Certificate using keytool
1. Run the following command to import the Root and/or Intermediate CA certificate:
keytool -import -trustcacerts -alias [different alias name from -genkey ie. intermediate] -keystore [same keystore name from -genkey] -file [file name of root and/or intermediate certificate]
2. Try installing certificate again.
Note: For installation of the signed certificate, the alias and keystore values must be identical to what was used to generate the private key and Certificate Signing Request (CSR). If any of the files are located in a different directory than keytool, you will need to give the full path of the file. Thawte recommends to place all files in the same folder as keytool.