Sun N1 Service Provisioning System 5.2 Installation Guide

ProcedureHow to Create and Configure an Encoded Keystore Password

When you generate an SSL certificate, you create a keystore file and you supply a keystore password. The provisioning system must store the keystore password in the server.xml file. For added security, the provisioning system requires an encoded version of the password to store in the server.xml file.

Steps
  1. Change to the directory on the Master Server that contains the crkeys command.


    %cd N1SPS5.2-MasterServer-home/server/bin
    

    N1SPS5.2-MasterServer-home is the directory where you installed the Master Server.

  2. Create an encoded version of the password that you created when you created the keystore file.


    % crkeys -epass -password password
    

    password is the password that you created while generating the SSL certificate.

    The crkeys tool prints the encoded password on the screen. Make note of the encoded password.

  3. Change to the directory where the Tomcat configuration files are located.


    % cd /N1SPS5.2-MasterServer-home/server/tomcat/conf
    

    N1SPS5.2-MasterServer-home is the directory where you installed the Master Server.

  4. Edit the Factory element to include the encoded password.


    <Factory className="com.raplix.rolloutexpress.ui.web.EncodedPasswordSSLFactory"
               clientAuth="false" protocol="TLS" 
    	keystoreFile="/opt/SUNWn1sps/N1_Service_Provisioning_System_5.2/server/tomcat/keystore"
     keystorePass="ADD_ENCODED_PASSWORD_HERE"/>

    Change ADD_ENCODED_PASSWORD_HERE to the encoded version of the password that was generated by using the crkeys tool.