Import Certificate for ColdFusion10

Are you sure the import worked? Whenever I imported certificates in the past (using CF9) I needed to provide a password for the cacerts keystore. I don't see this in your posted example. The import command should be something like this:

keytool -import -v -alias giveUniqueName -file filename.cer -keystore cacerts -storepass thePassword

      

        
        
        
      

    

Here is the command line to verify the imported certificate:

keytool -list -v -keystore cacerts -alias giveUniqueName -storepass thePassword

      

        
        
        
      

    

I haven't provided a password here, but I'm sure you can use it. If not, send me a message and I can relay it to you.

And yes, I always export the certificate in DER format. This should work. In addition, you may need to provide path information depending on where you run the keytool commands and where your certificate file is located.

One more note: make sure you are updating the correct cacerts file that ColdFusion uses. If multiple JREs are installed on this server. You can verify that the ColdFusion JRE is used by the administrator in the System Information section. Find the line Java Home

.

Oh - and you have to restart ColdFusion after import.

UPDATE FOR CF10

I found a discussion on the forum ( here ) talking about installing certificates on CF10. The teams keytool

look slightly different in their example. In case it is slightly different from CF9, this is what they said:

keytool -importcert -alias giveUniqueName -trustcacerts -file filename.cer -keystore cacerts -storepass thePassword
Trust this certificate? [no]:  y

      

        
        
        
      

    

It looks like the check command line hasn't changed.