> Now when Shibboleth has a problem with it. I am not sure where to provide > keystore.jks for it ? You could add the Certificate to Java's truststore (lib/security/cacerts). Kind regards.