This topic describes how to create a JKS keystore.
The procedure uses the keytool utility to create a simple JKS keystore suitable for use with JSSE. Details of the keystore creation will vary depending on such factors as the tool you are using and the Certificate Authority who will sign the certificate.
This procedure assumes that you have added the keytool path to your PATH environment variable. This allows you to run the utility from anywhere on your machine. The procedure also assumes that you have created a directory (C:\MyKeys in this example) to create and store the keystore. Afterwards, you can copy it to the Jetty etc directory. (Alternatively, you can create the keystore in the Jetty etc directory.)
What is your first and last name?
The Common Name is typically composed of Host + Domain Name. The Common Name must be the same as the Web address you will be accessing when connecting to a secure site. For the Endeca Server certificate, you can use the name of the server, including its full domain name. This procedure will use app23.example.com as the Common Name. After enabling SSL, you can specify the same Common Name with the --host option of the endeca-cmd commands.
To create a keystore:
The next two steps are to obfuscate the keystore password and activate the SSL connector in the jetty-ssl.xml file.