Replace the default self-signed security certificate with your own self-signed certificate
Replace the default self-signed security certificate with your own self-signed security certificate.
Steps
Find the location of
keytool on your server, and open it.
It is usually a part of the Java (JRE or JDK) installation on your server, in the
bin directory. For example:
C:\Program Files\Java\jdk1.8.0_XX\bin\keytool.exe
/usr/bin/keytool
Generate your RSA private key:
keytool -genkey -alias <YOUR_ALIAS> -keyalg RSA -validity 360 -keysize 2048 -keystore <PATH_TO_NEW_KEYSTORE_FILE>
If you want to define a password, add the following parameters to the command. Use the same password for both parameters.
-storepass <KEYSTORE_PASSWORD> -keypass <KEYSTORE_PASSWORD>
NOTE: Specify a directory outside the
PowerFlex Gateway installation directory for the newly created keystore file. This will prevent it from being overwritten when the
PowerFlex Gateway is upgraded or reinstalled.
Edit the following items in the file
<POWERFLEX_GATEWAY_INSTALLATION DIRECTORY> \conf\catalina.properties :
keystore.file=<PATH_TO_NEW_KEYSTORE_FILE>
keystore.password=<PASSWORD_DEFINED_DURING_KEYSTORE_CREATION>
If you did not define a password, the default password is
changeit .
Restart the
PowerFlex Gateway service:
Results Replacement of the security certificate is complete.