Contents Now Platform Administration Previous Topic Next Topic Generate an LDAP client certificate ... SAVE AS PDF Selected Topic Topic & Subtopics All Topics in Contents Other Share Generate an LDAP client certificate Generate an LDAP client certificate for mutual authentication using OpenSSL. The final output is a PKCS#12 certificate stored within a Java keystore. Before you beginRole required: admin About this task See the OpenSSL documentation for more information about generating certificates. These steps assume you have access to OpenSSL. Enter these commands in a command line interface. Procedure Generate a self-signed client certificate. For example, this command creates a client certificate test1-cert.crt based on the test1-key.key private key. openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout test1-key.key -out test1-cert.crt Convert both the certificate file and private key to PKCS#12 (a file with a .pfx or .p12 extension). For example, this command converts the client certificate and private key to a PKCS#12 certificate called test1-certificate.pfx. openssl pkcs12 -export -out test1-certificate.pfx -inkey test1-key.key -in test1-cert.crt Generate the Java Key Store and import the pkcs12 file into it. For example, this command imports the certificate to the test1.jks Java keystore. keytool -importkeystore -srckeystore test1-certificate.pfx -srcstoretype PKCS12 -destkeystore test1.jks Upload the certificate in the keystore file (test1.jks) to the instance. What to do nextUpload a certificate to an instance Related TasksGenerate a server certificateUpload a certificate to an instanceUpload a trusted server certificate On this page Send Feedback Previous Topic Next Topic
Generate an LDAP client certificate Generate an LDAP client certificate for mutual authentication using OpenSSL. The final output is a PKCS#12 certificate stored within a Java keystore. Before you beginRole required: admin About this task See the OpenSSL documentation for more information about generating certificates. These steps assume you have access to OpenSSL. Enter these commands in a command line interface. Procedure Generate a self-signed client certificate. For example, this command creates a client certificate test1-cert.crt based on the test1-key.key private key. openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout test1-key.key -out test1-cert.crt Convert both the certificate file and private key to PKCS#12 (a file with a .pfx or .p12 extension). For example, this command converts the client certificate and private key to a PKCS#12 certificate called test1-certificate.pfx. openssl pkcs12 -export -out test1-certificate.pfx -inkey test1-key.key -in test1-cert.crt Generate the Java Key Store and import the pkcs12 file into it. For example, this command imports the certificate to the test1.jks Java keystore. keytool -importkeystore -srckeystore test1-certificate.pfx -srcstoretype PKCS12 -destkeystore test1.jks Upload the certificate in the keystore file (test1.jks) to the instance. What to do nextUpload a certificate to an instance Related TasksGenerate a server certificateUpload a certificate to an instanceUpload a trusted server certificate
Generate an LDAP client certificate Generate an LDAP client certificate for mutual authentication using OpenSSL. The final output is a PKCS#12 certificate stored within a Java keystore. Before you beginRole required: admin About this task See the OpenSSL documentation for more information about generating certificates. These steps assume you have access to OpenSSL. Enter these commands in a command line interface. Procedure Generate a self-signed client certificate. For example, this command creates a client certificate test1-cert.crt based on the test1-key.key private key. openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout test1-key.key -out test1-cert.crt Convert both the certificate file and private key to PKCS#12 (a file with a .pfx or .p12 extension). For example, this command converts the client certificate and private key to a PKCS#12 certificate called test1-certificate.pfx. openssl pkcs12 -export -out test1-certificate.pfx -inkey test1-key.key -in test1-cert.crt Generate the Java Key Store and import the pkcs12 file into it. For example, this command imports the certificate to the test1.jks Java keystore. keytool -importkeystore -srckeystore test1-certificate.pfx -srcstoretype PKCS12 -destkeystore test1.jks Upload the certificate in the keystore file (test1.jks) to the instance. What to do nextUpload a certificate to an instance Related TasksGenerate a server certificateUpload a certificate to an instanceUpload a trusted server certificate
