Steps with Examples
Create the Identity Store: Create the Identity store (Keystore) that stores the private key. Typically, the Identity store is created on the Server Manager Console machine only.
C:\Java64\jdk1.8.0_211\bin\keytool -genkey -alias <your_machine_name> -keyalg RSA -keypass <private_key_password> -storepass <identity_store_password> -keystore C:\certs\keystore.jks
Export the Certificate: Export the Certificate from the Keystore created in previous step. Typically, the Certificate is exported to the Server Manager Console machine only.
C:\Java64\jdk1.8.0_211\bin\keytool -export -alias <your_machine_name> -storepass <identity_store_password> -file C:\certs\<your_machine_name>.cer -keystore C:\certs\keystore.jks
The Certificate is stored in the file:
C:\certs\<your_machine_name>.cer.
Import the Certificate: Import the Certificate from the Certificate file created in previous step. Typically, the Certificate is imported to Server Manager Console, Server Manager Agents, and on all machines that have Managed Instances. If you are using a custom Truststore, you will must import the Certificate into the custom Truststore. The command to import the Certificate to the Standard Truststore (cacerts file) is as follows:
Windows Platform
C:\Java64\jdk1.8.0_211\bin\keytool -import -v -trustcacerts -alias <your_machine_name> -file C:\certs\<your_machine_name>.cer -keystore C:\Java64\jdk1.8.0_211\jre\lib\security\cacerts -keypass <private_key_password> -storepass <trust_store_password>Certificate was added to keystore [Storing C:\Java64\jdk1.8.0_211\jre\lib\security\cacerts]
Run the following command to confirm that the import process was successful:
C:\Java64\jdk1.8.0_211\bin\keytool -list -v -keystore C:\Java64\jdk1.8.0_211\jre\lib\security\cacerts -alias <your_machine_name> -storepass <trust_store_password>
UNIX Platform
/u01/java8/bin/keytool -import -v -trustcacerts -alias <your_machine_name> -file /u01/certs/<your_machine_name>.cer -keystore /u01/java8/jre/lib/security/cacerts -keypass <private_key_password> -storepass <trust_store_password>Certificate was added to keystore [Storing /u01/java8/jre/lib/security/cacerts]
Run the following command to confirm that the import process was successful:
/u01/java8/bin/keytool -list -v -keystore /u01/java8/jre/lib/security/cacerts -alias <your_machine_name> -storepass <trust_store_password>
AS/400 Platform
/QOpenSys/QIBM/ProdData/JavaVM/jdk80/32bit/bin/keytool -import -v -trustcacerts -alias <your_machine_name> -file /certs/<your_machine_name>.cer -keystore /QOpenSys/QIBM/ProdData/JavaVM/jdk80/32bit/jre/lib/security/cacerts -keypass <private_key_password> -storepass <trust_store_password>Certificate was added to keystore [Storing /QOpenSys/QIBM/ProdData/JavaVM/jdk80/32bit/jre/lib/security/cacerts]
Run the following command to confirm that the import process was successful:
/QOpenSys/QIBM/ProdData/JavaVM/jdk80/32bit/bin/keytool -list -v -keystore /QOpenSys/QIBM/ProdData/JavaVM/jdk80/32bit/jre/lib/security/cacerts -alias <your_machine_name> -storepass <trust_store_password>