Adding a Commvault Certificate to the Java KeyStore on HTTP Proxy Servers with a Self-Signed Certificate

If your HTTP proxy server has SSL enabled and you use a self-signed certificate for the HTTP proxy server, you must add the Commvault security certificate to the Java KeyStore. Otherwise, you cannot log on to the Commvault Store.


  1. Go to https://cloud.commvault.com/home/.
  2. In the address bar, click the padlock button and then view the certificates in the Certificate dialog box.

    Note: The appearance and location of the padlock button and the steps for viewing the Certificate dialog box vary based on the web browser you use.

    The Certificate dialog box appears.

  3. On the Details tab, click Copy to File.
  4. Follow the steps in the wizard and save the certificate file to software_installation_path\Downloads\commvault.cer.
  5. Back up the cacerts file located at software_installation_path\jre\lib\security.
  6. In the HTTP proxy server, open a command prompt, and go to software_installation_path\jre\lib\security.
  7. Run the following command:

    keytool -importcert -keystore cacerts -storepass changeit -file software_installation_path\Downloads\commvault.cer -alias Commvault

  8. Restart Tomcat.
  9. Log on to the Commvault Store.

Last modified: 7/20/2020 5:34:16 PM