Red Hat SummitAppendix D. Java Keystores
This appendix demonstrates how to import the X.509 certificate exported from the Red Hat Storage Console server (See Section 2.1, “TLS/SSL Certification” for information on certificate exports) into a new Java keystore file.
Procedure D.1. Import a certificate into a new Java keystore
This process helps a user import the
rhsc.cer certificate from Section 2.1, “TLS/SSL Certification” into a Java keystore. This procedure requires the keytool management utility from the Java Development Kit (JDK) available for Linux and Windows systems.
- Access your client machine and locate the
rhsc.cercertificate. - Import the
rhsc.cercertificate using the Java keytool management utility.keytool -importcert -v -trustcacerts -keystore restapi.jks -noprompt -alias rhsc -file rhsc.cer
The keytool utility creates a new keystore file namedrestapi.jks. - keytool asks for the keystore password. Enter a password and keytool asks to verify it.
- keytool adds the
rhsc.cercertificate to therestapi.jkskeystore. Use keytool -list command to view the certificate's entry in the keystore:keytool -list -keystore restapi.jks -storepass [password]
Important
Some versions of keytool parse the certificate incorrectly. If keytool does not recognize the certificate, convert it to a different X.509 format with the openssl tool:
openssl x509 -in rhsc.cer -out rhsc.new -outform [pem|der]This creates a file called
rhsc.new to use in place of rhsc.cer.
22632%2C+Console+Developer+Guide-322-09-2014+17%3A11%3A35Report a bug
