Adding a Commvault Certificate to the Java KeyStore on HTTP Proxy Servers with a Self-Signed Certificate

If your HTTP proxy server has SSL enabled and you use a self-signed certificate for the HTTP proxy server, you must add the Commvault security certificate to the Java KeyStore. Otherwise, you cannot log on to the Commvault Store.


  1. Go to https://cloud.commvault.com/home/.
  2. In the address bar, click the padlock button and view the certificates.

    Note: The appearance and location of the padlock button and the steps for viewing the certificates dialog box vary based on the type of web browser you use.

    The Certificate dialog box appears.

  3. On the Details tab, click Copy to File.
  4. Follow the steps in the wizard and save the certificate file to software_installation_path/Downloadscommvault.cer.
  5. Back up the cacerts file located at software_installation_path/Commvault/ContentStore/jre/lib/security.
  6. In the HTTP proxy server, open a command prompt, and go to software_installation_path/Commvault/ContentStore/jre/bin.
  7. Run the following command:

    keytool -importcert -cacerts -storepass changeit -file C:Downloadscommvault.cer -alias Commvault

  8. Restart Tomcat.
  9. Log on to the Commvault Store.

Last modified: 12/27/2019 5:41:52 PM