How to search Java Keystore to see if a certificate is on the list:

confirm that Java path is added to the Environment Variables. For example

Variable name: JAVA_HOME   Variable value:

C:\Program Files\Java\jre1.8.0_192

Test it:

C:\Users\Test>echo %java_home% C:\Program Files\Java\jre1.8.0_192

Try listing all the certificates in the keystore using this command

C:\Users\Test>keytool -list -keystore "C:\program files\java\jre1.8.0_192\lib\security\cacerts

Enter keystore password:
Keystore type: jks
Keystore provider: SUN

Sample Output:

Your keystore contains 156 entries
verisignclass2g2ca [jdk], Apr 25, 2016, trustedCertEntry,Certificate fingerprint (SHA1): B3:EA:C4:47:76:C9:C8:1C:F2:9D:95:B6:CC:A0:08:1B:97:EC:9Ddigicertassuredidg3 [jdk], Mar 25, 2016, trustedCertEntry,Certificate fingerprint (SHA1): F5:17:A2:4F:48:C6:C9:F8:A2:00:26:9F:DC:0F:48:2C:AB:40:89verisignuniversalrootca [jdk], Feb 25, 2016, trustedCertEntry,Certificate fingerprint (SHA1): 36:79:CA:35:66:87:72:30:4D:30:A5:FB:87:3B:0F:A7:7B:B7:99digicerttrustedrootg4 [jdk], Jan 25, 2016, trustedCertEntry,

Create a text file of the certificate list for easy parsing, do not forget to add a password to the list being generated.

C:\Users\Test>keytool -list -keystore "C:\program files\java\jre1.8.0_192\lib\security\cacerts" > keytool_list.txt

How to Import individual Certs into Java Keystore:

C:\Users\Test>keytool -keystore "C:\program files\java\jre1.8.0_192\lib\security\cacerts" -importcert -file "Name_of_cert_to_import.cer" -alias "Name_of_cert_being_imported"

if imported successfully, the system will ask you if it should trust the certificate, type yes and then you will get this confirmation message

Certificate was added to keystore

Run this command again and search the text file for the added certificates to make sure they were added correctly.

C:\Users\Test>keytool -list -v -keystore "C:\program files\java\jre1.8.0_192\lib\security\cacerts" > keytool_list.txt