Difference between revisions of "HTTPS Provisioning"
From Observer GigaFlow Support | VIAVI Solutions Inc.
Kevin Wilkie (Talk | contribs) |
Kevin Wilkie (Talk | contribs) |
||
Line 9: | Line 9: | ||
We've kept the same default keystore password "cashelros254" | We've kept the same default keystore password "cashelros254" | ||
− | All keystore management is performed using the java keytool command. | + | All keystore management is performed using the java /opt/java/bin/keytool command. |
Generating a new keystore and self signed cert in /opt/ros/resources/prepos/roskeystore_new.jks | Generating a new keystore and self signed cert in /opt/ros/resources/prepos/roskeystore_new.jks |
Revision as of 08:12, 24 October 2016
You can view and change which ketstore is in use for SSL in the SSL panel of the Settings page
Here you can use the drop down to view the certificates in the current keystore.
We highly recommend you use a different keystore name as future updates may overwrite the existing file.
In this example, we've copied the origional keystore (/opt/ros/resources/prepos/roskeystore.jks to /opt/ros/resources/prepos/roskeystore_new.jks) We've kept the same default keystore password "cashelros254"
All keystore management is performed using the java /opt/java/bin/keytool command.
Generating a new keystore and self signed cert in /opt/ros/resources/prepos/roskeystore_new.jks
cd /opt/ros/resources/prepos/ keytool -genkey -keyalg RSA -alias selfsigned -keystore roskeystore_new.jks -storepass password -validity 360 -keysize 2048
Importing a new key into the keystore
keytool -import -trustcacerts -file wildcard.acustomer.com.cer -keystore roskeystore_kw.jks -storepass password
Removing an unrequired certificate
keytool -delete -alias cashelros -keystore roskeystore_kw.jks