Page History
...
Example for importing a certificate to a JOC Cockpit truststore in PKCS12 format:
Code Block language bash title Example for import of LDAP Server Certificate to PKCS12 Keystore # import LDAP Server certificate to a truststore (joc.p12) by specifying the certificate file (ldap-certificate.crt) and alias name (ldap) keytool -importcert -noprompt -file "ldap-certificate.crt" -alias "ldap" -keystore "JETTY_BASE/resources/joc/joc.p12" -storetype pkcs12 -storepass secret_store -trustcacerts
Example for importing a certificate to a JOC Cockpit truststore in JKS format:
Code Block language bash title Exmple for import of LDAP Server certificate to JKS Keystore # import LDAP Server certificate to a truststore (joc.jks) by specifying the certificate file (ldap-certificate.crt) and alias name (ldap) keytool -importcert -noprompt -file "ldap-certificate.crt" -alias "ldap" -keystore "JETTY_BASE/resources/joc/joc.jks" -storetype jks -storepass secret_store -trustcacerts
- Explanation
- The
-keystore
option specifies the location of the truststore file. - The
-storepass
option specifies the password for access to the truststore. - The certificate file
ldap-ertificate.crt
should be available from the LDAP Server. Transfer this file to the JOC Cockpit server. Alternatively the server server certificate can be requested on-the-fly.Example for request of server certificate:
Code Block language bash title Example for request of server certificate from LDAP Server # connect to the LDAP Server (ldap_server) with the available port (636), in the server response you should find the certificate that you can copy & paste to a certificate file openssl s_client -showcerts -connect ldap_server:636
If the certificate is signed by a CA then the certificate should include the certificate chain of Root CA Certificate and Intermediate CA Certificate. Otherwise it might be required to concatenate the certificates into one file, for example:
Code Block language bash title Example for use of a certificate chain # concatenate Root CA certificate and Intermediate CA certificate as provided from the LDAP Server to a single CA Bundle certificate file (ca-bundle.crt) cat RootCACertificate.crt > ca-bundle.crt cat IntermediateCACertificate.crt >> ca-bundle.crt # import LDAP Server certificate and certificate chain to a truststore (joc.p12) by specifying the certificate file (ldap-certificate.crt) and alias name (ldap) keytool -importcert -noprompt -file "ca-bundle.crt" -alias "ldap" -keystore "JETTY_BASE/resources/joc/joc.p12" storetype pkcs12 -storepass secret_store -trustcacerts
- The
...
Overview
Content Tools