Import a trusted root certificate into Omniscope's cacerts file

Modified on Wed, 17 May, 2023 at 1:55 PM

Omniscope is a Java based app, and if your organisation requires non-public root certificate(s) to be registered as trusted - common for larger enterprises - you will need to import them into Omniscope's cacerts file. 

Your systems administrator should be able to provide these and assist with this process.


You will know that you need to do this if Omniscope server-side is reaching out to other internal domains in your organisation, and errors are occurring relating to certification paths or PKIX path building. For example, you might use a File block to retrieve data from a URL. Or you might be clicking Test Connection in the OpenID Connect provider configuration dialog.


This task needs to be completed on the Omniscope server after installing Omniscope. And when installing a new Omniscope version over an existing Omniscope installation, you should backup and restore the same cacerts file in the process, to avoid having to repeat the steps below.


Instructions


On Windows: Open Windows Explorer. Navigate to C:\Program Files (x86)\Visokio Omniscope\x64\lib\security (if installed system-wide) or C:\Users\<username>\AppData\Local\Visokio Omniscope app\x64\lib\security (if installer per-user) and locate the cacerts file.


On Linux: in a terminal, navigate to (typically) ~/visokio-omniscope/x64/lib/security and locate the cacerts file.


Create a backup copy of the file before making any changes.

Depending on the certificates you receive from the certificate authority you are using, you may need to import an intermediate certificate and/or root certificate into the cacerts file. Use the following syntax to import one or both of these certificates:

keytool -import -alias <alias> -keystore <cacerts_file> -trustcacerts -file <certificate_filename>


If you are importing multiple certificates, the alias specified for each certificate should be unique.


Type the password for the keystore at the “Password” prompt and press Enter. The default password for the cacerts file is “changeit”. 

Type ‘y’ at the “Trust this certificate?” prompt and press Enter.


Restart Omniscope after making this change.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article