Generating a Test Certificate
A keystore containing a public/private key pair and an expiring, self-signed SSL Certificate for testing is shipped with the product. If the certificate in the shipped keystore has expired, or you wish to create your own test certificate, another key pair can be generated using keytool.The testing SSL Certificate allows you to test that the HTTPS listener can run, but the testing certificate is also self-signed and is not trusted by the browser. It should not be used for anything but testing SSL/TLS.
The following instructions allow you to generate a simple key pair that is valid (by default) for three months.
To generate a test certificate from scratch:
| 1. | Install or locate a Java JVM. Verify that the keytool utility is accessible at the command line. |
| 2. | Change directory to a directory outside of the application where you wish to put the new keystore file. |
| 3. | Generate a simple key pair and non-trusted certificate into a keystore file in the current directory named keystore by typing the following: |
keytool -keystore keystore -alias tomcat -genkey -keyalg RSA
You are prompted to provide answers to several questions for the certificate. Press the Enter key to submit each of your answers. Note the password that you enter. In the next section, Configuring a new certificate with the ‘flexnet site’ command, you will enter these passwords into the FlexNet Manager for Engineering Applications Admin Configurator.
Tip:If you answer these questions accurately for the test certificate, the certificate that you generate can be used as the basis of your trusted certificate that you obtain from a certificate authority.
|
Question |
Description |
|
Enter keystore password: |
Password for the keystore. The default SSL keystore password for FlexNet Manager for Engineering Applications Admin is flexnet. The password is displayed in plain text. |
|
What is your first and last name? |
Fully qualified domain name of the machine on which FlexNet Manager for Engineering Applications Admin is installed. |
|
What is the name of your organizational unit? |
Name of your division or group in your company. |
|
What is the name of your organization? |
Your company name. |
|
What is the name of your City or Locality? |
City name. |
|
What is the name of your State or Province? |
State or province name. |
|
What is the two-letter country code for this unit? |
Two-letter code for your country. |
|
Is entry correct? |
Verify that the entries you provided are correct. Type yes or no. |
|
Enter key password for <tomcat> (RETURN if same as keystore password): |
Press Enter to use the same password for the Tomcat SSL key as the keystore uses. You must use the same password. |