Sam,
Normally you don't tamper with the existing JRE keystore. What
you should do is to
(1) create a new keystore
(2) import the certificate to the new keystore
(3) configure your application to trust the new keystore by setting the system properties "javax.net.ssl.keyStore" and "javax.net.ssl.trustStore" to the location of the new keystore.
Check out the keytool reference
here.