After creating the certificate, you must export it to make it ready for importing into the local keystore.

To export for local keystore import

  1. Create the self-signed certificate (see Generating and storing a self-signed certificate).
  2. Export it to make it ready for importing into the local keystore using the following command (assuming the name of your certificate is file.cer):
  3. $JAVA_HOME/bin/keytool -export -alias tomcat -file file.cer
  4. Import the certificate into the keystore.
  5. $JAVA_HOME/bin/keytool -import -alias tomcat -file file.cer -keystore $JAVA_HOME/lib/security/cacerts

