Spotfire Server with HTTPS encrypted under Linux

作者Xihui Wang发表在笔记标签:
  1. prepare the cert and key:
/opt/tibco/tss-12.5.0.x86_64/jdk/bin$ sudo ./keytool -genkeypair -keystore keystore.p12 -storetype PKCS12 -storepass [yourPassword] -alias [yourHostName] -keyalg RSA -ext SAN=IP:[yourIPaddress] -validity 3650

or

/opt/tibco/tss-12.5.0.x86_64/jdk/bin$ sudo ./keytool -genkeypair -keystore keystore.p12 -storetype PKCS12 -storepass [yourPassword] -alias [yourHostName] -keyalg RSA -ext SAN=DNS:[FQDN] -validity 3650

What is your first and last name? Answer the 1st question.

/opt/tibco/tss-12.5.0.x86_64/jdk/bin$ sudo ./keytool -export -alias [yourHostName] -storepass [yourPassword] -file server.cer -keystore keystore.p12
/opt/tibco/tss-12.5.0.x86_64/jdk/bin$ sudo ./keytool -import -v -trustcacerts -alias [yourHostName] -file server.cer -keystore cacerts.jks -keypass [yourPassword] -storepass [yourPassword]

2. move the certs to /opt/tibco/tss-12.5.0.x86_64/tomcat/certs

3. edit the information in /opt/tibco/tss-12.5.0.x86_64/tomcat/conf/server.xml

comment out the http block and recover https block, edit below:

truststoreFile="./certs/cacerts.jks"
                     truststorePassword="[yourPassword]"
                     truststoreType="jks"

<Certificate certificateKeystoreFile="./certs/keystore.p12"
                     certificateKeystorePassword="[yourPassword]"
                     certificateKeystoreType="PKCS12"
                     certificateKeyAlias="[yourHostName]" />

sometimes it needs to delete certificateKeyAlias="[yourHostName]"

4. change public address setting in uiconfig.

5. restart Spotfire server

留下评论

通过 WordPress.com 设计一个这样的站点
从这里开始