Obtaining a certificate from a CA typically involves the following actions:
l Generating a certificate request and sending it to the CA for processing.
l Receiving the digitally signed certificate from the CA.
If the JRE is configured to use your own trusted keystore (and not the default trusted store cacerts), you must load the CA root certificate into your trusted keystore and not into the default trusted store cacerts. To determine whether your JRE is using your own trusted keystore, ensure that the javax.net.ssl.trustStore Java start parameter points to trusted keystore; for example, -
Djavax.net.ssl.trustStore=Absolute_path_to_Trusted_keystore
