Adding crt file allows Java to access your self-signed ssl site without doing something like Insecurity HTTPS Connection.

Assume the location of your Java JDK is in C:\Program Files\Java\jdk1.8.0_131\. The following steps add the crt to Java key store:

1. Open a command console (cmd)
2. cd to C:\Program Files\Java\jdk1.8.0_131\bin
3. input

   keytool -import -trustcacerts -keystore "c:\Program Files\Java\jdk1.8.0_131\jre\lib\security\cacerts" -storepass changeit -noprompt -alias YOUR_ALIAS -file YOUR_CRT_FILE_LOCATION.crt

4. The screen should display Certificate was added to keystore if everything runs fine.

For the above command, YOUR_ALIAS can be anything that related to your cert you like, and YOUR_CRT_FILE_LOCATION.crt is the location of your crt file.

Assume you are in the directory of the Java cacerts directory, for example, C:\Program Files\Java\jdk1.8.0_152\jre\lib\security for JDK8.

You need to know both the source and destination keystore passwords in advance. The default one for java cacerts is changeit.

keytool -importkeystore -srckeystore "PATH_OF_YOUR.jks_FILE" -destkeystore cacerts

Become su, or run cmd with as Administrator in Windows. changeit is the default password for java jre.

keytool -delete -alias smicacert -keystore /usr/j2se/jre/lib/security/cacerts
Enter keystore password:  changeit

from https://docs.oracle.com/cd/E19683-01/817-2874/6migoia18/index.html

Run your java program with the following VM Options, <path_to_jks_file> should be replaced with the actual path of your crt file.

-Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.trustStore=<path_to_jks_file>