A lot of times, I have seen myself and others having trouble contacting a website that uses a certificate, but whose CA is not in the global Java truststore. This short description aims at alleviating the problem.

Creating a local truststore

Creating a truststore with the nczisk certificate with the InstallCert program:

get the InstallCert source code from https://github.com/manniche/installcert

get the certificate from the nczisk site:

echo -n | openssl s_client -connect ecrts.nczisk.sk:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ecrts.nczisk.sk

build the binaries with mvn package
run the program:
java -cp target/classes com.aw.ad.util.InstallCert ecrts.nczisk.sk
copy the resulting jssecacerts keystore into the root of the TSAM Synchronizer folder.
In the bin/ folder of the TSAM Synchronizer, edit the epsos.properties, adding the following information:

javax.net.ssl.keyStore={absolute path}/epsos-common-components.tsam-sync/jssecacerts
javax.net.ssl.trustStore={absolute path}/epsos-common-components.tsam-sync/jssecacerts

Browser not supported