This document addresses only how to create a Java keystore which will contain an M.I.T. CA certificate. This is NOT a tutorial on Java keystores.
PREREQUISITES
Before you begin, you must have the following:
1. How to create a Server Trust Store.
You will need to obtain a mitca certificate.
For the mitca.cer certificate, go to: http://ca.mit.edu/mitca.crt and down load and save the certificate.
To create the server trust store, use the following command line:
keytool -import -keystore serverTrustStore.jks -alias mitca -file mitca.cer
When prompted for a password, use a password that is well known to you. Don't forget this password because you will need it when configuring an application to use this keystore.
Answer yes when prompted for Trust this certificate? [no]:
The serverTrustStore.jks should now contain only the mitca certificate. You can verify this by using the following command line:
keytool -list -keystore serverTrustStore.jks
And you should get something similar to:
Your keystore contains 1 entry
mitca, Sep 20, 2007, trustedCertEntry,
Certificate fingerprint (MD5): F6:F0:04:3B:10:F9:5C:CE:0B:9E:0C:A0:DA:36:93:2A