Java Keystores and Truststores

The alias in the keytool command line should match the principal that the Presto coordinator will use.

Truststore files contain certificates of trusted TLS/SSL servers, or of Certificate Authorities trusted to identify servers. For securing access to the Presto coordinator through HTTPS the clients can configure truststores. For the Presto CLI to trust the Presto coordinator, the coordinator’s certificate must be imported to the CLI’s truststore.

You can use keytool to import the certificate to the truststore. In the example, we are going to import to a custom truststore presto_trust.jks, and you will get a prompt asking if the certificate can be trusted or not.