Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. IT Analytics Help
  3. Section VII. Data Collector Installation and Configuration for Cohesity NetBackup
  4. Configure SSL
  5. Import a certificate into the Data Collector Java keystore

Import a certificate into the Data Collector Java keystore

Use the following steps to add an SSL certificate to the Java keystore for a Data Collector. Some servers, such as vSphere, require a certificate for connection while communicating with SSL.

See Configure the Data Collector to trust the certificate.

See Keystore file locations on the Data Collector server.

  1. Copy the certificate file (server.crt file) to the Data Collector.

  2. If you are not running the Data Collector installer from the default collector location for an upgrade (/opt/aptare or C:\Program Files\Aptare) or for a fresh installation (/usr/openv/analyticscollector/ or C:\Program Files\Veritas\AnalyticsCollector), substitute the appropriate path for <APTARE_HOME> in the command path in the following commands:

    Linux:

    <APTARE_HOME>/java/bin/keytool -importcert -alias "somealias" -file server.crt -keystore <APTARE_HOME>/java/lib/security/cacerts
    <APTARE_HOME>/java/bin/keytool -import -alias "somealias" -file server.crt -keystore <APTARE_HOME>/upgrade/upgradeManager/jre/lib/security/cacerts

    Windows:

    "<APTARE_HOME>\java\bin\keytool" -importcert -alias "somealias" -file server.crt -keystore "<APTARE_HOME>\java\lib\security\cacerts"
    "<APTARE_HOME>\java\bin\keytool" -import -alias "somealias" -file server.crt -keystore "<APTARE_HOME>\upgrade\upgradeManager\jre\lib\security\cacerts"
  3. When prompted, enter the default password to the keystore:

    changeit

    The results will be similar to the following example:

    Enter keystore password:
    ......
    Certificate Shown here
    ......
    Trust this certificate? [no]: yes
  4. Once completed, run the following keytool command to view a list of certificates from the keystore and confirm that the certificate was successfully added. The certificate fingerprint line displays with the alias name used during the import.

    Linux:

    <APTARE_HOME>/java/bin/keytool -list -keystore <APTARE_HOME>/java/lib/security/cacerts

    Windows:

    "<APTARE_HOME>\java\bin\keytool" -list -keystore "<APTARE_HOME>\java\lib\security\cacerts"

    Sample Linux Output

    Enter keystore password:
    Keystore type: JKS
    Keystore provider: SUN
    Your keystore contains 79 entries
    digicertassuredidrootca, Apr 16, 2008, trustedCertEntry,
    Certificate fingerprint (SHA1):
    05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43
    trustcenterclass2caii, Apr 29, 2008, trustedCertEntry,
    Certificate fingerprint (SHA1):
    AE:50:83:ED:7C:F4:5C:BC:8F:61:C6:21:FE:68:5D:79:42:21:15:6E
    .....

Feedback

Was this page helpful?
Previous

Keystore file locations on the Data Collector server

Next

Keystore on the portal server

Feedback

Was this page helpful?