SSL/TLS How-to for Active Directory LDAPS User source

As both @Kevin.Herron and @ryanjmclaughlin have mentioned, just dropping the certificate into the data\certificates\supplemental folder and restarting the Gateway did the trick for me.

If that didn’t work for you, maybe you can check the following settings:

  • Primary Domain Controller Port: I have successfully used both 636 and 3269.
  • Use SSL: Checked.
  • Security Protocol: SSL (although Auto worked on a recent 8.0.14 installation).

And to check if the certificate was imported correctly, I ran the following command under the lib\runtime\jre-win\bin folder:

This will list all certificates:
keytool -list -v -keystore ..\lib\security\cacerts

But to filter the list, you can use the alias, which in my case was the file name and extension:
keytool -list -v -keystore ..\lib\security\cacerts -alias file_name.extension

Just substitute file_name.extension with the name of your certificate file.

But this begs the following question.

What happens when the certificate expires and it is replaced? Does dropping the new certificate into the supplemental folder and restarting the Gateway handle it automatically, or does one have to delete the certificate from cacerts manually?

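A check that builds on the keytool verification in the post above, written as an added example and not part of the original post: it fingerprints the certificate file, compares it with the keystore entry under the same alias, and warns when the certificate is close to expiry. The parameter names, the `changeit` store password (Java's default for cacerts) and the 30-day threshold are assumptions.

```powershell
# Added example. Assumptions: run from lib\runtime\jre-win\bin (as in the post),
# the keystore still uses Java's default password, alias = certificate file name.
param(
    [Parameter(Mandatory = $true)][string]$CertFile,  # file placed in data\certificates\supplemental
    [string]$Alias     = (Split-Path -Path $CertFile -Leaf),
    [string]$Keytool   = '.\keytool.exe',
    [string]$Keystore  = '..\lib\security\cacerts',
    [string]$StorePass = 'changeit',                  # assumed default, change if yours differs
    [int]$WarnDays     = 30
)

# Load the certificate file (DER or Base64) and fingerprint its DER bytes.
$path = (Resolve-Path -LiteralPath $CertFile).ProviderPath
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $path
$sha  = [System.Security.Cryptography.SHA256]::Create()
$fileFp = [System.BitConverter]::ToString($sha.ComputeHash($cert.RawData)) -replace '-', ':'
$sha.Dispose()

# Ask keytool for the entry stored under the alias (same command as in the post).
$out = & $Keytool -list -v -keystore $Keystore -storepass $StorePass -alias $Alias
if ($LASTEXITCODE -ne 0) {
    Write-Warning "keytool returned no entry for alias '$Alias' in $Keystore"
    exit 2
}

# keytool prints the fingerprint as "SHA256: AB:CD:..."; take the first match.
$m = $out | Select-String -Pattern 'SHA-?256:\s*([0-9A-F:]+)' | Select-Object -First 1
if (-not $m) {
    Write-Warning 'No SHA-256 fingerprint found in the keytool output'
    exit 2
}
$storeFp  = $m.Matches[0].Groups[1].Value.ToUpper()
$daysLeft = [math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)

$result = [pscustomobject]@{
    Alias               = $Alias
    Subject             = $cert.Subject
    NotAfter            = $cert.NotAfter
    DaysLeft            = $daysLeft
    FileSha256          = $fileFp
    KeystoreSha256      = $storeFp
    KeystoreMatchesFile = ($fileFp -eq $storeFp)
}
$result | Format-List

if (-not $result.KeystoreMatchesFile) {
    Write-Warning "Keystore entry '$Alias' is a different certificate than $CertFile"
}
if ($daysLeft -lt $WarnDays) {
    Write-Warning "Certificate expires in $daysLeft day(s), on $($cert.NotAfter)"
}
```

Run after a certificate has been replaced, a `KeystoreMatchesFile` value of False shows that the keystore still holds a different certificate under that alias.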