![]() Enter the Key Pair entry's password and press the OK button. If required the Unlock Entry dialog will be displayed.Select Generate CSR from the pop-up menu. Right-click on the Key Pair entry in the KeyStore Entries table.The new Key Pair entry will appear in the KeyStore Entries table.Enter the password with which to protect the new Key Pair entry, confirm it and press the OK button. If required the New Key Pair Entry Password dialog will be displayed.Enter the alias name for the new Key Pair entry and press the OK button.The New Key Pair Entry Alias dialog will be displayed.Select Version 3 and Signature Algorithm SHA256 and enter a Validity Period, Serial Number and Name.The Generate Key Pair Certificate dialog will be displayed.The Generating Key Pair dialog will be displayed and will remain visible until Key Pair generation has completed.Select the RSA Algorithm and a Key Size of 4096 and press the OK button. The Generate Key Pair dialog will be displayed.From the Tools menu, choose Generate Key Pair.The new KeyStore will appear as an additional Untitled tab.Select the 'PKCS #12 Public-Key Cryptography Standards #12 KeyStore'. The New KeyStore Type dialog is displayed.Alternatively click on the New tool bar button. (order your certificate and wait for issuance).To start from scratch and with a PFX as end result, please follow the items below This manual describes the most often used functions, like creating a keypair and CSR, importing your certificate into the keystore, exporting the keypair as PFX or PEM format, and importing a PEM key to convert to PFX. You may need to import the CA root and any intermediary certs from your certificate provider into the Authentication Manager 8.x server first.Keystore Explorer is a graphical user interface with the same powers as OpenSSL, and used for many certificate conversions. p12 file and then use that to import the certificate and private key into your new Authentication Manager server. When prompted for a password, enter the SSL Server Identity Certificate Private Key Password. Right click on the certificate name and choose Export > Export Key Pair.Once the keystore is open, find the certificate you want to export in the list.When prompted for a password enter the SSL Server Identity Certificate Keystore File Password captured above.Use the KeyStore Explorer program to open the keystore file (webserver-identity.jks).Now you have all the information you need to extract your certificate from the jks store copied off the Authentication Manager 8.x server.SSL Server Identity Certificate Keystore File Password : rkEoHHgSFzoMmKhqg4C4t0xckbR8NE SSL Server Identity Certificate Private Key Password. Note that your passwords will be different than the ones shown here: From that list you want to copy the SSL Server Identity Certificate Private Key Password and SSL Server Identity Certificate Keystore File Password, as shown in the example below. If you enter the correct account credentials the command will print a list of passwords to the screen. When you run the command, you will be prompted to enter the Operations Console administrator name and password.On the RSA server navigate to /opt/rsa/am/utils and run the following command: Lookup the certificate private key and keystore file passwords on the Authentication Manager 8.x server so you can use the KeyStore Explorer program to open and export the certificates.You can use an SFTP client such as Win SCP or Filezilla to download a copy of the file from your Authentication Manager server. The certificate database is a file called webserver-identity.jks and it is located on the Authentication Manager 8.x server in /opt/rsa/am/server/security. Download a copy of the certificate database from your Authentication Manager 8.x server and copy it to the server where you installed the KeyStore Explorer program.Download KeyStore Explorer from the internet (Windows based).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |