How do I import a new Java CA cert without using the keytool command line utility?

Question

Executive summary: how do I install a new root certificate into Java using Java code?

We have a desktop application which accesses various web services. Recently one

Answer 1

Command-line solution. On the Mac, the Java home is /Library/Java/Home. Try:

$ sudo -i
# cd /Library/Java/Home
# keytool -import -trustcacerts -alias CAName -file CA.crt -keystore lib/security/cacerts

Substitute CAName with the name of your CA, and CA.crt with a path to your certificate file (PEM works). It will prompt for a keystore password. The default password is given in the linked article.

I had to do this for one of RapidSSL's CA certs.