...
Code Block |
---|
# View all certificates keytool -list \ -storepass changeit \ -keystore $JAVA_HOME/usrlib/local/ubisecure/ubilogin-sso/ubilogin/custom/tomcat/keystore.pfx |
Result before the import
Code Block |
---|
Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 1 entry tomcat, Aug 28, 2023, PrivateKeyEntry, Certificate fingerprint (SHA-256): FF:BC:BE:57:69:2C:F0:35:06:8D:2D:F8:F3:42:D7:02:5F:1B:0D:47:29:1B:34:4D:FF:B5:DB:0F:1C:3B:4A:0Asecurity/cacerts \ | grep -i openldap |
Result before the import
Code Block |
---|
Warning: use -cacerts option to access cacerts keystore |
Export the newly generated certificate to SSO tomcat
Code Block |
---|
# Export serverkey keytool -importimportcert \ -trustcacerts \ -keystore /usr/local/ubisecure/ubilogin-sso/ubilogin/custom/tomcat/keystore.pfxalias openldap-trusted \ -storepass changeitkeystore $JAVA_HOME/lib/security/cacerts \ -noprompt \ -alias 1-ubilogin-directorystorepass changeit \ -file ~/ssl/servercert.pem |
Check keystore after import (note, make sure that the trusted self-signed certificate is topmost position).
Code Block |
---|
# View all certificates keytool -list \ -storepass changeit \ -keystore $JAVA_HOME/usrlib/local/ubisecure/ubilogin-sso/ubilogin/custom/tomcat/keystore.pfx |
Result after the import
Code Block |
---|
Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 2 entries 1-ubilogin-directory, Aug 28, 2023, trustedCertEntry, Certificate fingerprint (SHA-256): B9:08:F3:95:D7:4D:FD:ED:F7:E2:FC:8F:DE:81:B5:74:EE:2B:5F:2F:3C:96:9B:81:B8:06:3C:1E:3E:F0:89:0C tomcat, Aug 28, 2023, PrivateKeyEntry, Certificate fingerprint (SHA-256): FF:BC:BE:57:69:2C:F0:35:06:8D:2D:F8:F3:42:D7:02:5F:1B:0D:47:29:1B:34:4D:FF:B5:DB:0F:1C:3B:4A:0Asecurity/cacerts \ | grep -i openldap |
Result after the import
Code Block |
---|
Warning: use -cacerts option to access cacerts keystore
openldap-trusted, Aug 29, 2023, trustedCertEntry, |
Change ownership for generated files
...