Read this:
http://download.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html
Once you give up reading that, try this stuff:
wget the URL to see if it exists (--no-check-certificate skips certificate validation, so use it only for this reachability check):
wget --no-check-certificate https://www.myDomain.com.au
Check certificate for a url:
openssl s_client -connect www.mydomain.com.au:443
If it's self-signed (i.e. the issuer is the same as the subject of the certificate), you can add it to your trusted certificates:
Copy the certificate block, including the begin/end lines, and put it into a file called myCertificateName.pem
-----BEGIN CERTIFICATE-----
<certificate data>
-----END CERTIFICATE-----
Convert it to a DER file by doing this:
openssl x509 -in myCertificateName.pem -inform PEM -out myCertificateName.der -outform DER
Test the certificate (-CApath expects a directory of PEM files with hashed names, as created by c_rehash):
openssl s_client -CApath /path/to/your/certificate/folder/ -connect www.myDomain.com.au:443
Add this certificate to your Java cacerts file. This will ask you for your cacerts password.
Check to see if the certificate is in there and check when it expires. If it has expired, remove it. All these actions will ask for a password.
Read cacerts:
/usr/java/jdk1.6.0_18/jre/bin/keytool -list -v -keystore /home/myUser/certs/cacerts
Delete a cert:
keytool -delete -alias myAlias -keystore /usr/java/jdk1.6.0_18/jre/lib/security/cacerts
Import a cert:
/usr/java/jdk1.6.0_18/jre/bin/keytool -import -v -keystore /home/myUser/certs/cacerts -file /home/myUser/certs/thawte_Premium_Server_CA.pem -alias thawtePremiumServerCA
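Checks worth running on the saved PEM file before the import, as an added example that is not part of the original post: it confirms the certificate is self-signed by name, checks that it is not about to expire, converts it to DER as above and prints the SHA-256 fingerprint to compare with one obtained out of band. The function names and the constructed sample certificate are assumptions.

```shell
#!/bin/sh
# Added example: checks to run on a saved PEM certificate before importing it.
# Function names and file names are hypothetical, not from the original post.

# Print the SHA-256 fingerprint (compare it with one obtained out of band).
cert_fingerprint() {   # $1 = file, $2 = PEM|DER
    openssl x509 -in "$1" -inform "$2" -noout -fingerprint -sha256 | sed 's/^.*=//'
}

# Succeed when issuer and subject names are identical (self-signed by name;
# the signature itself is not checked here).
is_self_signed() {
    s=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    i=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    [ -n "$s" ] && [ "$s" = "$i" ]
}

# Succeed when the certificate is still valid $2 days from now.
valid_for_days() {
    openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null
}

# Run all checks, then convert PEM ($1) to DER ($2); $3 = minimum days left.
precheck_cert() {
    is_self_signed "$1" || { echo "not self-signed: import the issuer instead" >&2; return 2; }
    valid_for_days "$1" "${3:-30}" || { echo "expires within ${3:-30} days" >&2; return 3; }
    openssl x509 -in "$1" -inform PEM -out "$2" -outform DER || return 4
    # The DER file must describe the same certificate as the PEM file.
    [ "$(cert_fingerprint "$1" PEM)" = "$(cert_fingerprint "$2" DER)" ] || return 5
    echo "OK sha256=$(cert_fingerprint "$2" DER)"
}

# Constructed sample: a throwaway self-signed certificate valid for 90 days.
make_sample_cert() {   # $1 = output directory
    openssl req -x509 -newkey rsa:2048 -nodes -days 90 -subj "/CN=www.mydomain.com.au" \
        -keyout "$1/sample.key" -out "$1/sample.pem" 2>/dev/null
}

# Usage: sh precheck.sh myCertificateName.pem myCertificateName.der [min_days]
if [ "$#" -ge 2 ]; then
    precheck_cert "$@"
fi
```

Run the keytool import only after the printed fingerprint matches the one the server's owner gave you through a separate channel.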
If the root certificate is missing or another link in the chain of issuers is missing:
wget the root or other issuer certificate from the trusted certificate authority's website:
wget https://www.thawte.com/roots/thawte_Premium_Server_CA.pem
Follow the other steps of adding a certificate.
Other commands: make your own testing HTTPS certificate:
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048
openssl x509 -in myCertificateName.cer -inform PEM -out myCertificateName.der -outform DER
this also works
to create a public key...
keytool -export -rfc -alias selfsigned -file certificateForSomeoneElse.cer -keystore keystore.jks
openssl s_client -dtls1 -CAfile test.pem -connect server:port