Import and configure the certificate for secure SSL connection

To use a secure SSL connection, import a server certificate and add it to the Java KeyStore.

Before you begin

You must obtain the server certificate before you can add it to the Java KeyStore.

Procedure

  1. Add a server certificate to the Java KeyStore.
    OptionDescription
    If you have the RSA private key in the Java Keystore and generated the certificate from that key. keytool -import -alias keyname -file server.cert –storetype JCEKS –keystore keystore.jceks –storepass pwd
    If you have a PKCS12 file that contains the RSA key and the certificate. keytool -importkeystore -destkeystore keystore.jceks -deststoretype jceks -srckeystore <PKCS12 filename> -srcstoretype pkcs12

    Make sure the private key password is the same as the Java Keystore password.

    You can run this command to change the password.
    keytool -keypasswd -keystore keystore.jceks -alias <key alias>
    For testing, you can use this command to generate a self-signed certificate.
    keytool -genkeypair -alias cert -keystore keystore.jceks -storetype jceks -keyalg rsa
  2. Update the edgeencryption.properties file.
    1. Change to the <installation directory>/conf/ directory.
    2. Open the edgeencryption.properties file.
    3. Enter the properties for the SSL certificate.

      The certificate must be the same for all proxies.

      Table 1. SSL certificate properties
      Property Description
      edgeencryption.proxy.https.cert.alias Alias of the certificate.
  3. Save and close the edgeencryption.properties file.