Skip to Content

Digicert Global Root G2 certificates in Jitterbit private agents

Introduction

Salesforce is changing their Global Root G2 certificate on February 6, 2026. This page explains how you can download and install the certificate to preempt any potential communications issues in Studio projects that connect to Salesforce.

How to add the Salesforce Digicert global root G2 certificate to a private agent trust store

Part 1: Check if certificate is present

  1. Log into the private agent host as root.

  2. Run the following commands:

    cd /opt/jitterbit/jre/bin
./keytool -list -keystore /opt/jitterbit/jre/lib/security/cacerts -alias digicertglobalrootg2

    Enter your keystore password when prompted.

    • If the certificate is shown, no further action is needed.

    • If you see the following error, the certificate is not yet added to the store, and you can proceed to Part 2:

      keytool error: java.lang.Exception: Alias <digicertglobalrootg2> does not exist.

Part 2: Download and add the certificate

  1. Download the official certificate from https://cacerts.digicert.com/DigiCertGlobalRootG2.crt.pem.

  2. Run the following command to import the certificate:

    ./keytool -importcert -trustcacerts -file "DigiCertGlobalRootG2.crt.pem" -alias digicertglobalrootg2 -keystore "/opt/jitterbit/jre/lib/security/cacerts"

    Important

    When prompted, overwrite the existing Digicert Global Root G2 certificate.

  3. (Optional) To confirm the certificate is loaded, run this command (from Part 1) again:

    ./keytool -list -keystore /opt/jitterbit/jre/lib/security/cacerts -alias digicertglobalrootg2