Using Self-signed Certificates

book

Article ID: KB0091863

calendar_today

Updated On:

Products	Versions
TIBCO DataSynapse GridServer	-
Not Applicable	-

Description

Resolution:
Follow these steps to generate and implement a self-signed certificate for SSL communication in GridServer.

   1. Generate self-signed key pair: server.keystore
      keytool -genkey -keyalg RSA -keystore server.keystore -storepass changeit -keypass changeit -dname "CN=Server.Hostname"
   2. Export binary encoding certificate: ssl.crt
      keytool -export -keystore server.keystore -storepass changeit -file ssl.crt
   3. Export base64 encoding certificate: ssl.pem
      keytool -export -rfc -keystore server.keystore -storepass changeit -file ssl.pem
   4. Import certificate to client keystore: ssl.keystore
      keytool -import -keystore ssl.keystore -storepass changeit -file ssl.crt
   5. Copy server.keystore and ssl.* to datasynapse/webapps/livecluster/WEB-INF/certs/
   6. Copy ssl.* to datasynapse/webapps/livecluster/engineUpdate/shared/
   7. Copy ssl.* to DSEngine/ for unix and Engine/ for windows
   8. Copy ssl.* to GridServerSDK-platform/config/
   9. On win32 driver machine, double click GridServerSDK-win32/config/ssl.crt to install certificate for .NET driver

NOTE: if you generate server.keystore with servercert.sh, you should not touch ssl.crt and ssl.pem, just export cert from server.keystore and import the cert to ssl.keystore.

Issue/Introduction

Using Self-signed Certificates

Feedback

thumb_up Yes

thumb_down No

Welcome to "KB Articles"