Setup certificate for secure connection

To use a secure connection, obtain and configure a server certificate.

Before you begin

You must import the server certificate before you can add it to the Java KeyStore.

Procedure

  1. Add a server certificate to the Java KeyStore.
    OptionDescription
    If you have the RSA private key in the Java Keystore and generated the certificate from that key. keytool -import -alias keyname -file server.cert –storetype JCEKS –keystore webserver_keystore.jceks –storepass pwd
    If you have a PKCS12 file that contains the RSA key and the certificate. keytool -importkeystore -destkeystore webserver_keystore.jceks -deststoretype jceks -srckeystore <PKCS12 filename> -srcstoretype pkcs12

    Ensure that the private key password is the same as the Java Keystore password.

    To change the password, use this command:
    keytool -keypasswd -keystore webserver_keystore.jceks -alias <key
        alias>
    For testing, you can use this command to generate a self-signed certificate.
    keytool -genkeypair -alias webserver -dname cn=localhost -validity 365 -keyalg RSA -keysize
          1024 -keypass mykeypass -storetype jceks -keystore webserver_keystore.jceks -storepass
          mykeypass
  2. Save the webserver_keystore.jceks file under the /keystore directory.

Result

The user must provide the certificate alias and password when configuring the MID Web Server extension. For more information, see Configure the MID Web Server extension.