inFORM Decisions Information Portal

User Tools

Site Tools

Trace:
pub:esndfilurlcert

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
pub:esndfilurlcert [2018/06/21 12:47] kkramerpub:esndfilurlcert [2018/06/22 09:30] kkramer
Line 1: Line 1:
 ===== ESNDFILURLCERT ===== ===== ESNDFILURLCERT =====
-Create and change to working directory in Qshell: /home/agavecerts2016+Example to create and change to working directory in Qshell: /home/agavecerts2016
 <html> <pre>  <html> <pre> 
-**Step1:****Bold Text** Create client certificate keystore agave.keystore+Step1: Create client certificate keystore agave.keystore
 keytool -genkey -alias agave -keyalg RSA -keystore agave.keystore -keysize 2048 keytool -genkey -alias agave -keyalg RSA -keystore agave.keystore -keysize 2048
    
Line 24: Line 24:
   [no]:  yes   [no]:  yes
    
-**Step 2:** Create Certificate Request and send file agave.csr in /home/agavecerts2016 to ADP, +Step 2: Create Certificate Request and send file agave.csr in /home/agavecerts2016 to ADP, 
 ask them sign into this file. ADP will send us a .der file, name it to agave.der ask them sign into this file. ADP will send us a .der file, name it to agave.der
 keytool -certreq -alias agave -file agave.csr -keystore agave.keystore keytool -certreq -alias agave -file agave.csr -keystore agave.keystore
    
-**Step 3:** Import certificates into keystore file: Put agave.der (client certificate) and all ADP server CA certificates into folder /home/agavecerts2016. In Qshell, change to this directory as current directory. +Step 3: Import certificates into keystore file: Put agave.der (client certificate) and all ADP server CA certificates into folder /home/agavecerts2016. In Qshell, change to this directory as current directory. 
 Import CA certificates of ADP into the agave.keystore in proper order: Root CA, Intermediate CA, User CA Import CA certificates of ADP into the agave.keystore in proper order: Root CA, Intermediate CA, User CA
 Import server certificate: keytool -import –v -trustcacerts -alias serverCA -file serverCA.der -keystore agave.keystore Import server certificate: keytool -import –v -trustcacerts -alias serverCA -file serverCA.der -keystore agave.keystore
 Import client certificate: keytool -import –v -trustcacerts -alias agave -file agave.der -keystore agave.keystore (if the certificate was there, do not override it, just let it be) Import client certificate: keytool -import –v -trustcacerts -alias agave -file agave.der -keystore agave.keystore (if the certificate was there, do not override it, just let it be)
    
-**Step 4:** Import new client-signed (.der file) and server CA certificates into JRE cacerts+Step 4: Import new client-signed (.der file) and server CA certificates into JRE cacerts
 keytool -import –v -trustcacerts -alias serverCA -file serverCA.der -keystore <$JAVA_HOME>/lib/security/cacerts -storepass changeit keytool -import –v -trustcacerts -alias serverCA -file serverCA.der -keystore <$JAVA_HOME>/lib/security/cacerts -storepass changeit
 keytool -import –v -trustcacerts -alias agave -file agave.der -keystore <$JAVA_HOME>/lib/security/cacerts -storepass changeit keytool -import –v -trustcacerts -alias agave -file agave.der -keystore <$JAVA_HOME>/lib/security/cacerts -storepass changeit
Line 39: Line 39:
 (password is changeit) (password is changeit)
    
-**Note**: Client and server certificates must be imported into both .keystore and cacerts files with same commands +Note: Client and server certificates must be imported into both .keystore and cacerts files with same commands 
-  +Use command ESNDFILURL with parameters KEYSTORE(‘/home/agavercerts/agave.keystore’) KSPASS(‘inform’) TRUSTSTORE(‘<$JAVA_HOME>/lib/security/cacerts’) TSPASS(‘changeit’) KSALIAS(‘agave’) 
-Use command **ESNDFILURL** with parameters KEYSTORE(‘/home/agavercerts/agave.keystore’) KSPASS(‘inform’) TRUSTSTORE(‘<$JAVA_HOME>/lib/security/cacerts’) TSPASS(‘changeit’) KSALIAS(‘agave’) +Use command ERCVFILURL with parameters KEYSTORE(‘/home/agavercerts/agave.keystore’) KSPASS(‘inform’) TRUSTSTORE(‘<$JAVA_HOME>/lib/security/cacerts’) TSPASS(‘changeit’)
-Use command **ERCVFILURL** with parameters KEYSTORE(‘/home/agavercerts/agave.keystore’) KSPASS(‘inform’) TRUSTSTORE(‘<$JAVA_HOME>/lib/security/cacerts’) TSPASS(‘changeit’)+
    
 Some properties that are used in programs: Some properties that are used in programs:
pub/esndfilurlcert.txt · Last modified: 2022/06/25 17:02 by 127.0.0.1