How is the Trusted Root Certificate installed using the Keytool utility?

keytool -import -alias <alias> -keystore <your_keystore_filename> -trustcacerts -file <filename_of_the_root>

As an example:

C:\>keytool -import -alias Root -keystore c:\.mykeystore -trustcacerts -file c:\root.cer

Enter keystore password:

Trust this certificate? [no]:  y

Certificate was added to keystore.

Note – Do not use the same alias name as you used to create the certificate signing request. The Root must be installed under a separate alias.

{JDK_HOME}\bin\keytool -importcert -trustcacerts -file c:\<your cert filename> -keystore {JDK_HOME}\jre\lib\security\cacerts -storepass changeit