-{% highlight bash %}
-# keytool -import -alias "My CA" -file /var/lib/puppet/ssl/ca/ca_crt.pem -keystore truststore.jks
-Enter keystore password:
-Re-enter new password:
-.
-.
-.
-Trust this certificate? [no]: y
-Certificate was added to keystore
-{% endhighlight %}
-
-You can view your certificate:
-
-{% highlight bash %}
-# keytool -list -keystore truststore.jks
-Enter keystore password:
-
-Keystore type: JKS
-Keystore provider: SUN
-
-Your keystore contains 1 entry
-
-my ca, Mar 30, 2012, trustedCertEntry,
-Certificate fingerprint (MD5): 99:D3:28:6B:37:13:7A:A2:B8:73:75:4A:31:78:0B:68
-{% endhighlight %}
-
-Note the MD5 fingerprint, you can verify this is the one from your CA:
-
-{% highlight bash %}
-# openssl x509 -in /var/lib/puppet/ssl/ca/ca_crt.pem -fingerprint -md5
-MD5 Fingerprint=99:D3:28:6B:37:13:7A:A2:B8:73:75:4A:31:78:0B:68
-{% endhighlight %}