Add a root certificate to IBM Domino JVM keystore

Sometimes it is necessary to add a root certificate to the Domino JVM (Java Virtual Machine) keystore file. This can easily be done with the already installed tool „IBM Key Management“:

  • Open a command prompt windows with administrator priviledges on the Domino server
  • cd \(Domino-Program-Directory)\jvm\bin
  • ikeyman
  • Click „Key Database File“ and then „Open“. Select the file „cacerts“ in the directory \(Domino-Program-Directory)\jvm\lib\security. You need to have „All files“ selected to see it. The password to open the file is „changeit“.
  • Change to „Signer Certificates“
  • Click „Add“ and browse to the root certificate you need to import. Click „OK“ and enter any descriptive text for this certificate.
  • Restart the Domino server.