I have tried to use keytool -importcert -alias (my cert alias) -file (cert file path.pem) -keystore (jre keystore path) and I get an error that says my .pem file is not an x509 certificate. I think it is because my .pem file is not formatted properly or because it contains both private key and certificate. Any suggestions? My .pem file looks like the following:
Bag Attributes
Microsoft Local Key set: <No Values>
localKeyID:
friendlyName:
Microsoft CSP Name:
X509v3 Key Usage: 10
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG...
-----END PRIVATE KEY-----
Bag Attributes
...
-----BEGIN CERTIFICATE-----
MIIHQzCCBiugAwIBAgIQDEtIx...
-----END CERTIFICATE-----
I finally was able to import the certificate into my JRE cacerts file. First I had to create a new .pem file with only the certificate:
-----BEGIN CERTIFICATE-----
MIIHQzCCBiugAwIBAgIQDEtIx...
-----END CERTIFICATE-----
Then I had to copy the cacerts file into a new location, and then run the following code to import it:
keytool -import -v -trustcacerts -alias serveralias -file /Applications/certificate.pem -keystore /cacerts
After importing the certifcate I then copied the new cacerts file back into the JRE security folder, and success!