Importing certificates into JVM trust store

OpenSpecimen connects to external servers like REDCap, OpenClinica to import clinical data, LDAP directories to authenticate users etc. If the certificate of these external servers is signed by a CA whose certificate is not present in the trust store by default then those CA certificates need to be installed in the trust store.

Given below are the steps to import the certificate in trust store:

  1. Copy the CA (root) certificate to the directory $JAVA_HOME/jre/lib/security

  2. Change directory to $JAVA_HOME/jre/lib/security

  3. Import the certificate in trust store using the following command:

    1 2 3 4 $ keytool -import -alias <certificate_alias> \ -file <certificate_file.cer> \ -keystore cacerts \ -storepass changeit
  4. On importing, restart the OpenSpecimen server/process.