Installing SSL (HTTPS) Certificate Into Java Keystore Without The Certificate File

I stumbled into a problem with Java and SSL. Our Archiva server serves Maven2 repository through SSL. I could browse it without issues using Firefox, after accepting the SSL security certificate. But Maven2 failed to download artifacts (and it didn't even raise a warning). Turned out that Java did not have the SSL certificate installed. I did not have the SSL certificate file, so how do I install it?

Turns out it's very simple. Here's how. Open the site in Firefox using an https link. You might be prompted to resolve the security certificate issue. If so, do that first. After you successfully load the page, click on the left tip of the address bar. You should see something like this:



Click "More Information...". Then click "View Certificate", open "Details" tab and click "Export...". Select "X.509 Certificate with chain (PEM)" and save the file. This file will be compatible with Java's keytool command. You can use a variant of the following command to install the certificate:

keytool -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -import -file [PATH_TO_FILE]