I have to do this so infrequently that I always have to look up the instructions again. Putting these here so I can find them easily.
I’m always surprised that there isn’t an easy way to download the cert from the command line. If there was then this could be made into a nice little script. Grabbing the cert via your browser is still the easiest way.
Go to https:\URL and click on lock icon, and download the cert into the C:\ColdFusion11\jre\lib\security\ directory or whatever the jre\lib\security directory is for your CF install
On the command line, go to your jre\bin directory
Run the following command. (Adjust your paths and cert names as necessary.)
keytool -import -trustcacerts -keystore C:\ColdFusion11\jre\lib\security\cacerts -storepass changeit -noprompt -alias MYCERTNICKNAME -file C:\ColdFusion11\jre\lib\security\MYCERTFILENAME
The MYCERTFILENAME should match the filename, the MYCERTNICKNAME can be anything, but I like to keep it the same as the filename
Restart the Coldfusion Application service