How to Generate SSL Certificates

To enable the browser interface to use SSL, you must first generate an SSL Certificate. You create a keystore file and a keystore password while you generate an SSL Certificate.

Before You Begin

To create a keystore file and a keystore password you will use keytool. keytool is a security tool available with the JRE. If you do not have keytool installed, you must install keytool before you can configure the provisioning system to use HTTPS. The N1 Service Provisioning System installs the JRE. If you are configuring HTTPS after you have installed the provisioning system, keytool is installed on the system.

Steps

1. Change to the directory in which you installed the JRE.

   % cd JAVA-HOME/bin

   JAVA-HOME is the directory where you installed the JRE. If you installed the JRE with the N1 Service Provisioning System 5.1, the JRE is installed in the N1SPS5.1-home/common/jre/bin directory.

2. Generate the certificate.

   % keytool -genkey -alias tomcat -keyalg RSA -keystore /keystore-location -storepass password

   Set /keystore-location to the location and filename of the keystore file where you want to store the generated key.

   Set password to whatever password that you want to use as the keystore password.

3. Follow the prompts to complete.

   Do not include any punctuation in the name of your organization, otherwise the Java Certificate tool fails when attempting to generate the request. The Common Name (CN) must be set to the fully qualified host name, including the domain name, component of the URI.