Wednesday, October 4, 2017

Keystore and Truststore Creation

Notes on  Keystore and  Truststore Creation Create a certificate for the broker by using the keytool. keytool -genkey -alias broker ... thumbnail 1 summary
Notes on Keystore and  Truststore Creation
  1. Create a certificate for the broker by using the keytool.
    keytool -genkey -alias broker -keyalg RSA -keystore broker.ks
  2. Export the broker's certificate to share with clients.
    keytool -export -alias broker -keystore broker.ks -file broker_cert
  3. Create a certificate/keystore for the client.
    keytool -genkey -alias client -keyalg RSA -keystore client.ks
  4. Create a truststore for the client and import the broker's certificate. This establishes that the client "trusts" the broker.
    keytool -import -alias broker -keystore client.ts -file broker_cert
  5. Export the client's certificate so it can be shared with broker:
    keytool -export -alias client -keystore client.ks -file client_cert
  6. Create a truststore for the broker, and import the client's certificate. This establishes that the broker "trusts" the client:
    keytool -import -alias client -keystore broker.ts -file client_cert
NOTE:You must use the same passwords that were used for creating the keystores to configure the Fan-Out components for SSL.


Ref : https://www.netiq.com/documentation/idm45drivers/jdbc_fanout/data/b1ij9r99.html

No comments

Post a Comment

Subscribe to: Post Comments (Atom)