Environment
Novell Vibe
Situation
How to apply or install wild card certificates to Vibe
Use 3rd party wild card certificate in Vibe
Use 3rd party wild card certificate in Vibe
Resolution
Vibe can use a pkcs12 file to import into a .keystore
- Download the certificates from the certificate authority
- Download as tomcat format, if available
- Remove the encryption from the private key with the following command:
openssl rsa -in <private key> -out nopass.key - If prompted for pass phrase, enter the password used during private key creation.
- The key file should be the original private key used, when creating the certificate signing request (CSR)
- Create the pkcs12 file with the following command:
openssl pkcs12 -export -in <server cert> -inkey nopass.key -out keypair.p12 -name tomcat -certfile <intermediate cert> - Use the certificate files from step 1
- Add -certfile for every intermediate or root certificate
-certfile is not required if there are no other certificate chain files - Input a password that will be used to import the pkcs12 key pair
- Create the new .keystore file
keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore .keystore_new -srckeystore keypair.p12 -srcstoretype PKCS12 -srcstorepass <pass phrase of keypair.p12> -alias tomcat- changeit is the default keytool password
- Move the .keystore_new to the conf directory
mv .keystore_new /opt/novell/teaming/apache-tomcat/conf/ - Change directory to /opt/novell/teaming/apache-tomcat/webapps/conf/
cd /opt/novell/teaming/apache-tomcat/webapps/conf/ - Change the ownership, and rights of the .keystore_new
chown --reference .keystore .keystore_new
chmod --reference .keystore .keystore_new - Back up the existing .keystore
mv .keystore .keystore_old - Rename the new .keystore
mv .keystore_new .keystore - Restart the Vibe appliance
/etc/init.d/teaming restart