Content Gateway (Linux): Fail to open certain repositories; SSlhanshakeException seen in the log


Certain repositories fail to open. SSlhanshakeException is seen in the logs. 



The repository’s SSL certificate is not trusted by the Content Gateway. SSlhanshakeException is seen in the logs when the repository uses a nonstandard CA signed certificate which the Java doesn’t trust. To overcome this issue, add the nonstandard CA certificate in the Java Runtime Environment (JRE) trust store.



  1. Acquire the certificate for the repository and save it as example.cer
  2. Go to the jdk\jre\lib\security folder of the JRE directory and view the installed certificates using the keytool command, 

keytool -list -keystore cacerts

       3. Enter the store password when prompted. The default password is changeit. The number of certificates installed is seen.

       4. Import the example.cer certificate by running the command 

keytool -import -keystore cacerts -file example.cer

       5. Enter 'Y' when prompted with the question Trust this certificate? [no]: . On entering Y, the certificate will be added to the truststore.

Have more questions? Submit a request


Article is closed for comments.