Warning: use -cacerts option to access cacerts keystore

Question

I am adding a cert to the Java keystore and I get the following warning. The command is successful.

keytool -import -trustcacerts -keystore /usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts -storepass changeit -noprompt -alias my_root_ca.pem -file /usr/share/ca-certificates/foo/my_root_ca.pem

The warning is:

Warning: use -cacerts option to access cacerts keystore

How do I get rid of this warning?

Thanks

Answer 1

It's quite easy. If you check keytool manual you can see the following:

$ keytool -importcert -help
keytool -importcert [OPTION]...

Imports a certificate or a certificate chain

Options:

 ... removed for clearity
 -cacerts                access the cacerts keystore

To get rid of that warning you must use -cacerts option instead of calling cacert keystore:

keytool -import -trustcacerts -cacerts -storepass changeit -noprompt -alias my_root_ca.pem -file /usr/share/ca-certificates/foo/my_root_ca.pem