Had a small Issue with a few Java apps that I run.  The apps connect to MS Exchange and download attachments from emails, send out emails, create calendar entries, etc.

The problem was that this past weekend I updated my Exchange certs to use my Microsoft Certificate Server Certs, which of course, is not part of the default “Trusted Root Cert keystore”, so I had to add it.

So in order to add your MS Root Cert, you need to (By the way, this will work with any other 3rd party CA certs)

  1. Point your browser to your root certificate server
  2. Click on the link “Download a CA certificate, certificate chain, or CRL”
  3. Download the CA cert (DER format is fine)
    (I saved the CA certificate as “C:\certnew.cer”, remember the location because you will need it in for the import command)
  4. Open up a command windows and type the following command

    C:\Java\jre1.5.0_06\bin\keytool.exe -import -keystore C:\Java\jre1.5.0_06\lib\security\cacerts -file “C:\certnew.cer”

    When it prompts for a password, enter your keystore password (note that in this example im using the default password for java keystores which is “changeit”)

    The output of the command should look like this

  5. Test out your java application now, you should be OK with certificates signed by your Microsoft Root Certificate Server from now on.
Facebook Twitter Email Linkedin Digg Delicious