Hello,

I have a question about SSL and the file under java/lib/security/cacerts which contains trusted certificate.
My application has to connect to an SSL server. Until now I was specifying my own keystore to establish this SSL connection.

Now I have to connect to a new SSL server having a new certificate issued with a new root trusted certificate.
I first wanted to add this new root (Verisign) certificate in my application keystore but after I was thinking about adding it in java/lib/security/cacerts to make it available to any other java application.
After testing, it seems that if I provide a local keystore to my application, the global java keystore java/lib/security/cacerts is not taken into account.
This means that if I only add the new certificate in my java/lib/security/cacerts I cannot connect.
If I want to connect I have to add the new certificate in my local keystore.

I though that the global java keystore java/lib/security/cacerts was always taken into account.

Is that normal? I cannot find any description about that on internet.

Thanks in advance for your answer.

Alain