I have to do this so infrequently that I always have to look up the instructions again. Putting these here so I can find them easily.
I’m always surprised that there isn’t an easy way to download the cert from the command line. If there was then this could be made into a nice little script. Grabbing the cert via your browser is still the easiest way.
Go to https:\URL and click on lock icon, and download the cert into the C:\ColdFusion11\jre\lib\security\ directory or whatever the jre\lib\security directory is for your CF install
Go to your jre\bin directory
Run the following command. (Adjust your paths and cert names as necessary.)
keytool -import -trustcacerts -keystore C:\ColdFusion11\jre\lib\security\cacerts -storepass changeit -noprompt -alias MYCERTNICKNAME -file C:\ColdFusion11\jre\lib\security\MYCERTFILENAME
The MYCERTFILENAME should match the filename, the MYCERTNICKNAME can be anything, but I like to keep it the same as the filename
Restart the Coldfusion Application service