inFORM Decisions Information Portal

User Tools

Site Tools

Trace:
pub:esndfilurlcert

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
pub:esndfilurlcert [2018/06/21 12:47] kkramerpub:esndfilurlcert [2018/06/21 12:50] kkramer
Line 2: Line 2:
 Create and change to working directory in Qshell: /home/agavecerts2016 Create and change to working directory in Qshell: /home/agavecerts2016
 <html> <pre>  <html> <pre> 
-**Step1:****Bold Text** Create client certificate keystore agave.keystore+Step1: Create client certificate keystore agave.keystore
 keytool -genkey -alias agave -keyalg RSA -keystore agave.keystore -keysize 2048 keytool -genkey -alias agave -keyalg RSA -keystore agave.keystore -keysize 2048
    
Line 24: Line 24:
   [no]:  yes   [no]:  yes
    
-**Step 2:** Create Certificate Request and send file agave.csr in /home/agavecerts2016 to ADP, +Step 2: Create Certificate Request and send file agave.csr in /home/agavecerts2016 to ADP, 
 ask them sign into this file. ADP will send us a .der file, name it to agave.der ask them sign into this file. ADP will send us a .der file, name it to agave.der
 keytool -certreq -alias agave -file agave.csr -keystore agave.keystore keytool -certreq -alias agave -file agave.csr -keystore agave.keystore
    
-**Step 3:** Import certificates into keystore file: Put agave.der (client certificate) and all ADP server CA certificates into folder /home/agavecerts2016. In Qshell, change to this directory as current directory. +Step 3: Import certificates into keystore file: Put agave.der (client certificate) and all ADP server CA certificates into folder /home/agavecerts2016. In Qshell, change to this directory as current directory. 
 Import CA certificates of ADP into the agave.keystore in proper order: Root CA, Intermediate CA, User CA Import CA certificates of ADP into the agave.keystore in proper order: Root CA, Intermediate CA, User CA
 Import server certificate: keytool -import –v -trustcacerts -alias serverCA -file serverCA.der -keystore agave.keystore Import server certificate: keytool -import –v -trustcacerts -alias serverCA -file serverCA.der -keystore agave.keystore
 Import client certificate: keytool -import –v -trustcacerts -alias agave -file agave.der -keystore agave.keystore (if the certificate was there, do not override it, just let it be) Import client certificate: keytool -import –v -trustcacerts -alias agave -file agave.der -keystore agave.keystore (if the certificate was there, do not override it, just let it be)
    
-**Step 4:** Import new client-signed (.der file) and server CA certificates into JRE cacerts+Step 4: Import new client-signed (.der file) and server CA certificates into JRE cacerts
 keytool -import –v -trustcacerts -alias serverCA -file serverCA.der -keystore <$JAVA_HOME>/lib/security/cacerts -storepass changeit keytool -import –v -trustcacerts -alias serverCA -file serverCA.der -keystore <$JAVA_HOME>/lib/security/cacerts -storepass changeit
 keytool -import –v -trustcacerts -alias agave -file agave.der -keystore <$JAVA_HOME>/lib/security/cacerts -storepass changeit keytool -import –v -trustcacerts -alias agave -file agave.der -keystore <$JAVA_HOME>/lib/security/cacerts -storepass changeit
Line 39: Line 39:
 (password is changeit) (password is changeit)
    
-**Note**: Client and server certificates must be imported into both .keystore and cacerts files with same commands +Note: Client and server certificates must be imported into both .keystore and cacerts files with same commands 
-  +Use command ESNDFILURL with parameters KEYSTORE(‘/home/agavercerts/agave.keystore’) KSPASS(‘inform’) TRUSTSTORE(‘<$JAVA_HOME>/lib/security/cacerts’) TSPASS(‘changeit’) KSALIAS(‘agave’) 
-Use command **ESNDFILURL** with parameters KEYSTORE(‘/home/agavercerts/agave.keystore’) KSPASS(‘inform’) TRUSTSTORE(‘<$JAVA_HOME>/lib/security/cacerts’) TSPASS(‘changeit’) KSALIAS(‘agave’) +Use command ERCVFILURL with parameters KEYSTORE(‘/home/agavercerts/agave.keystore’) KSPASS(‘inform’) TRUSTSTORE(‘<$JAVA_HOME>/lib/security/cacerts’) TSPASS(‘changeit’)
-Use command **ERCVFILURL** with parameters KEYSTORE(‘/home/agavercerts/agave.keystore’) KSPASS(‘inform’) TRUSTSTORE(‘<$JAVA_HOME>/lib/security/cacerts’) TSPASS(‘changeit’)+
    
 Some properties that are used in programs: Some properties that are used in programs:
pub/esndfilurlcert.txt · Last modified: 2022/06/25 17:02 by 127.0.0.1