Importing certificates into the default truststore - Windows

Follow these steps to import certificates into the default truststore for a CAE Server running on Windows. The <Default TrustStore> for a CAE Server running on Windows corresponds to <cae_install_dir>\bin\jre\lib\security\cacerts.

About this task

Use this method if you are unable to use the preferred method of defining a secure connection, which is to obtain a non-expired certificate signed by a well-known certificate authority.


  1. Run <cae_install_dir>\bin\cqm_import_certs.bat with the following additional argument -importincacerts

    The -importincacerts option imports the certificates from <cae_install_dir>\certs, by default, or from the custom location you specify using the –certs directory argument.

    The certificates are imported into <cae_install_dir>\bin\jre\lib\security\cacerts. For more information see Creating and importing a hostname-based, self-signed certificate - Windows.
  2. Verify that you have not imported a certificate with a private key.
    1. After you have imported the certificate into the default truststore, restart the CAE Server.
    2. Connect your web browser to the CAE Server.
    3. If you do not receive any new certificate warnings, then the certificate import was successful. If you receive a certificate warning, verify that the warning is not for the certificate you just imported. If the warning is for the certificate you just imported, we recommend you consult your network administrator for assistance.
  3. After importing certificates into the default truststore, you can define a secure archive and DSM connection that uses the truststore you added.
    1. Follow the steps described in Adding an Archive Connection.
    2. When defining the new archive connection be sure to:
      • Check the Use SSL box to use SSL for the connection.
      • From the Truststore list, select the appropriate truststore.