How to apply wild card certificates to Novell Vibe

  • 7015682
  • 22-Sep-2014
  • 22-Sep-2014

Environment

Novell Vibe

Situation

How to apply or install wild card certificates to Vibe
Use 3rd party wild card certificate in Vibe

Resolution

Vibe can use a pkcs12 file to import into a .keystore
  1. Download the certificates from the certificate authority
    • Download as tomcat format, if available
  2. Remove the encryption from the private key with the following command:
    openssl rsa -in <private key> -out nopass.key
    • If prompted for pass phrase, enter the password used during private key creation.
    • The key file should be the original private key used, when creating the certificate signing request (CSR)
  3. Create the pkcs12 file with the following command:
    openssl pkcs12 -export -in <server cert> -inkey nopass.key -out keypair.p12 -name tomcat -certfile <intermediate cert>
    • Use the certificate files from step 1
    • Add -certfile for every intermediate or root certificate
      -certfile is not required if there are no other certificate chain files
  4. Input a password that will be used to import the pkcs12 key pair
  5. Create the new .keystore file
    keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore .keystore_new -srckeystore keypair.p12 -srcstoretype PKCS12 -srcstorepass <pass phrase of keypair.p12> -alias tomcat
    • changeit is the default keytool password
  6. Move the .keystore_new to the conf directory
    mv .keystore_new /opt/novell/teaming/apache-tomcat/conf/
  7. Change directory to /opt/novell/teaming/apache-tomcat/webapps/conf/
    cd /opt/novell/teaming/apache-tomcat/webapps/conf/
  8. Change the ownership, and rights of the .keystore_new
    chown --reference .keystore .keystore_new
    chmod --reference .keystore .keystore_new
  9. Back up the existing .keystore
    mv .keystore .keystore_old
  10. Rename the new .keystore
    mv .keystore_new .keystore
  11. Restart the Vibe appliance
    /etc/init.d/teaming restart