To create a java keystore from your given a .ca-bundle and a .cer, you’ll need to have the private key that generated the .csr that you sent to the certificate signer. If instead you have .pem files for the cert and the key, you can experiment with the certificate .pem for the -in argument, and the key .pem for -inkey. Then,
- Generate a CSR. Check here.
- Common Name is the URL.
- Run the next command to get a
server.csrfile:
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
- Run the next command to get the
keystore.p12:
openssl pkcs12 -export -certfile STAR_mangoautomation_net.ca-bundle -inkey server.key -in STAR_mangoautomation_net.crt -name NAME -out keystore.p12 -passout pass:<MORE THAN 6 CHARACTERS>
- Go to your
jdk/binfolder. - Run:
sudo ./keytool -importkeystore -destkeystore /path/to/keystore.jks -srckeystore keystore.p12 -srcstoretype PKCS12 -alias NAME -srcstorepass <MORE THAN 6 CHARACTERS>
- Enter destination keystore password:
<MORE THAN 6 CHARACTERS>. Now you have akeystore.jksfile. - Copy this into your
mango_paths_homedirectory. - Edit your
mango_paths_home/mango.propertiesfile such that:
ssl.on=true
ssl.port=443
ssl.keystore.location=/path/to/Mango/overrides/properties/keystore.jks
ssl.keystore.password=<MORE THAN 6 CHARACTERS>
- Restart Mango
- Success!