Importing an SSL Certificate into Your Java Trusted Keystore with JRE

You import the downloaded/exported SSL certificate into your Java trusted keystore to resolve communication issues with AWS S3 and SQS. There are different instructions depending on whether Java (JDK) or JRE is installed on the server where SAP Commerce is hosted.

To import an SSL certificate into your Java trusted keystore with JRE:
  1. Run the Java keytool command to import the certificate into the keystore.
  2. Open a command prompt and change to the following directory: <location> \bin\jre\6.0\bin.

where <location> is the file directory where SAP Commerce is installed.

Note: On 64-bit computers, add the certificates to the bin64 folder.

  1. Run the following command line. Although for formatting purposes the command is displayed with line breaks, you should enter the entire command on one line.

keytool -import -file "C:\<location>\bin\ssl\applixca.pem"

-keystore "C:\<location>\bin\jre\6.0\lib\security\cacerts"

-storepass "changeit"Copy

For 64-bit installations, target the 64-bit folder when dealing with the certificates. For example, this sample command targets the 64-bit jre:

cd C:\Program Files (x86)\SAP\TM1_64\bin64\jre\6.0\binCopy

The following command is an example used on 64-bit systems. Although for formatting purposes the command is displayed with line breaks, you should enter the entire command on one line.

keytool -import -file "C:\Program Files (x86)\SAP\TM1_64\bin64\

ssl\applixca.pem" -keystore "C:\Program Files (x86)\SAP\TM1_64\bin64\

jre\6.0\lib\security\cacerts" -storepass "changeit"Copy

Note: If you do not correctly target the 64-bit locations for certificates when running a 64-bit installation, a warning message is displayed, indicating that you cannot contact the servers.

  1. When prompted to trust or add the certificate, enter yes.

The following message is displayed: Certificate was added to keystore.

  1. You may need to restart the server where SAP Commerce is hosted for the change take effect.