To find the type of the cacerts file, just use keytool:
~> keytool -list -keystore cacerts
Enter keystore password:
***************** WARNING WARNING WARNING *****************
* The integrity of the information stored in your keystore *
* has NOT been verified! In order to verify its integrity, *
* you must provide your keystore password. *
***************** WARNING WARNING WARNING *****************
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 77 entries
So the answers are:
- Yes,
cacerts
is of JKS type. There is no need to convert cacerts to JKS because it is already in that format.
One approach to solving this is to find the
server.xml
file in Tomca'tsconf
directory (in the client's server), then find out how the certificates or trust store are specified in the<Connector
element, then...
If something new needs to be added to the client's trust store, find the original .crt
and key files that were used to install the certificates on the client's server.
Otherwise, just make the client's application context XML point to the same trust store used by soapUI (as it has been proven working).