Importing an SSL Certificate into Your Java Trusted Keystore with JRE
You import the downloaded/exported SSL certificate into your Java trusted keystore to resolve communication issues with AWS S3 and SQS. There are different instructions depending on whether Java (JDK) or JRE is installed on the server where Adobe Experience Manager is hosted.
To import an SSL certificate into your Java trusted keystore with JRE:
Run the Java keytool command to import the certificate into the keystore.
a. Open a command prompt and change to the following directory: <location> \bin\jre\6.0\bin.
where <location> is the file directory where Adobe Experience Manager is installed.
Note: On 64-bit computers, add the certificates to the
b. Run the following command line. Although for formatting purposes the command is displayed with line breaks, you should enter the entire command on one line.
keytool -import -file "C:\<location>\bin\ssl\applixca.pem" -keystore "C:\<location>\bin\jre\6.0\lib\security\cacerts" -storepass "changeit"Copy
For 64-bit installations, target the 64-bit folder when dealing with the certificates. For example, this sample command targets the 64-bit jre:
cd C:\Program Files (x86)\AEM\TM1\_64\bin64\jre\6.0\binCopy
The following command is an example used on 64-bit systems. Although for formatting purposes the command is displayed with line breaks, you should enter the entire command on one line.
keytool -import -file "C:\Program Files (x86)\AEM\TM1\_64\bin64\ ssl\applixca.pem" -keystore "C:\Program Files (x86)\AEM\TM1\_64\bin64\ jre\6.0\lib\security\cacerts" -storepass "changeit"Copy
Note: If you do not correctly target the 64-bit locations for certificates when running a 64-bit installation, a warning message is displayed, indicating that you cannot contact the servers.
c. When prompted to trust or add the certificate, enter yes.
The following message is displayed: Certificate was added to keystore.
- You may need to restart the server where Adobe Experience Manager is hosted for the change take effect.