Keystore/trustore file of certs loaded in supplemental folder

After placing certificates in "Ignition\data\certificates\supplemental" in which keystore/truststore are they loaded to?

I don't see them in Ignition\lib\runtime\jre-win\lib\security\cacerts nor do I see them in metro-keystore

Thanks in advance.

This should be where they end up.

Did you restart the Ignition Gateway after adding certs to that directory?

Yes, I did restart it.

I have a .pfx file in the folder

But I can't seem to find it in the cacerts

The one highlighted in yellow is another cert that I inserted manually.
so ideally I would have to have 2 certs.

You need to drop a DER-encoded or PEM-encoded certificate file into that directory, not a PFX file.

Does this load into the "cacerts"?

KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream(certPath), certPass);

A new KeyStore object encapsulating the KeyStoreSpi implementation from the first Provider that supports the specified type is returned.

can you please help me understand why this piece of code works only when I put the "xyz.pfx" file in the Ignition\data\certificates\supplemental folder?

String certPath = "C:\folder\xyz.pfx";
String pass = "test_password";
char certPass[] = pass.toCharArray();
try {
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    keyStore.load(new FileInputStream(certPath), certPass);
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(keyStore, certPass);
    SSLContext ctx = SSLContext.getInstance("TLSv1.3");
    ctx.init(keyManagerFactory.getKeyManagers(), null, null);
    HttpClient client = HttpClient.newBuilder().sslContext(ctx).build();

Without the "xyz.pfx" in the supplemental folder, the code compiles and executes but I get "' error"

Sorry, I have no idea why that makes a difference.

I'd only expect it to work if there was actually a PFX at this path containing the appropriate root for whatever server you're talking to.

There is a PFX file in that directory but even if I put it in another directory like

String certPath = "D:\folder\xyz.pfx";

it seems to work as long as the PFX file is in the supplemental folder.