Please refer the below mentioned, only if you have issue installing the certs through application UI. Once you are ready with the Keystore and CSR (Certificate Signing Request) file, follow the below mentioned:

Download the certificate files received from the CA via e-mail to the directory where your keystore (sdp.keystore) was saved during the CSR creation process. The certificates must be installed to this exact keystore. If you try to install it to a different keystore it will not work.

The certificates you had downloaded must be installed to your keystore in the correct order for your certificate to be trusted. If the certificates are not installed in the correct order, then the certificate will not authenticate properly. To find the correct order, double click on the domain certificate and then go to ‘Certification Path’.

These certificates are usually in the format .cer or .crt. If your certificate is with the extension .p7b please follow the instructions given in Installing a .P7b Certificate to export the certs to a .cer or .crt format.

Looking at the above certification path we can infer that we need to import two other certificates before the domain certificate. First is the Root, next the Intermediate and finally the Domain Certificate. Some CAs may also use another certificate called Cross Intermediate. These certificates can be downloaded from the vendor’s website.

Installing the Root Certificate file

Each time you install a certificate to your keystore you will be prompted for the keystore password, which you chose while generating your CSR. Type the following command to install the Root certificate file:

keytool -import -trustcacerts -alias root -file <File_Name>.crt -keystore sdp.keystore

NOTE: Choose ‘Yes’ if you get prompted with a message that says "Certificate already exists in system-wide CA keystore under alias <Alias Name> Do you still want to add it to your own keystore? [no]:"

You will get a confirmation stating that the "Certificate was added to keystore".

Install the Intermediate Certificates and Cross Intermediate Certificates (if any).

Follow the instructions provided by the CA.

keytool -import -trustcacerts –alias intermediate -file <File_Name>.crt -keystore sdp.keystore

keytool -import -trustcacerts –alias cross -file <File_Name>.crt -keystore sdp.keystore

You will get a confirmation stating that the "Certificate was added to keystore".

Install the Primary or the Domain Certificate file

Type the following command to install the Primary certificate file:

keytool -import -trustcacerts -alias <your_alias_name or [Domain Name]> -file your_domain_name.crt -keystore sdp.keystore

Please note that <your_alias_name or [Domain Name]> should be replaced with the alias name provided when creating the keystore (as discussed in Step 1). This time you will get a different confirmation stating that the "Certificate reply was installed in keystore”.

If you want to trust the certificate, then choose y or yes. Your Certificates are now installed to your keystore file (sdp.keystore).