I'm going to explain the configuration, if someone sees something wrong please tell me
The jks it's in resources/security/tmp/keystore.jks
And only contains the key and the certificate (from Thawte and not a trial)
In carbon.xml I have that configuration
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/resources/security/tmp/keystore.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<Password>[JKS_PASS]</Password>
<!-- Private Key alias-->
<KeyAlias>[ALIAS_OF_THE_KEY]</KeyAlias>
<!-- Private Key password-->
<KeyPassword>[KEY_PASS]</KeyPassword>
</KeyStore>
And mgt-transports.xml config it's that
<parameter
name="keystore">${carbon.home}/resources/security/tmp/keystore.jks</paramete
r>
<parameter name="keypass">[KEY_PASS]</parameter>
With that configuration when I go to the main page of gs and see the
security information the info correspond to the key and not to the
certificate, wich means I get security advisories at the moment of load the
web.
Any idea?
Thanks and best regards.
Daniel Callejas
-----Mensaje original-----
De: carbon-dev-boun...@wso2.org [mailto:carbon-dev-boun...@wso2.org] En
nombre de Daniel Callejas Albalate
Enviado el: miércoles, 08 de septiembre de 2010 16:33
Para: carbon-dev@wso2.org
Asunto: Re: [Carbon-dev] keystore/certificate question
I generate a key and created a CSR to apply for a certificate in a CA.
________________________________
De: carbon-dev-boun...@wso2.org [carbon-dev-boun...@wso2.org] En nom de
Thilina Mahesh Buddhika [thili...@wso2.com]
Enviat el: dimecres, 8 / setembre / 2010 14:14
Per a: carbon-dev@wso2.org
Tema: Re: [Carbon-dev] keystore/certificate question
Properly updating the carbon.xml and mgt-transports.xml should solve the
problem.
Btw, did you generate a self signed certificate first and replaced that
public cert with the CA signed one or just generated a key and created the
CSR out of it?
Thilina
On Wed, Sep 8, 2010 at 4:37 PM, Daniel Callejas Albalate
<d...@nextret.net<mailto:d...@nextret.net>> wrote:
Yes, the certificate its imported in the same keystore where the private
key is.
De: carbon-dev-boun...@wso2.org<mailto:carbon-dev-boun...@wso2.org>
[mailto:carbon-dev-boun...@wso2.org<mailto:carbon-dev-boun...@wso2.org>] En
nombre de Thilina Mahesh Buddhika
Enviado el: miércoles, 08 de septiembre de 2010 13:04
Para: carbon-dev@wso2.org<mailto:carbon-dev@wso2.org>
Asunto: Re: [Carbon-dev] keystore/certificate question
Hi,
Did you import the certificate of Thawte to this keystore?
So you generated a private key, generated a CSR out of it and sent it to for
signing to Thawte and imported that signed cert back to the keystore where
the private key was in.
Thanks,
Thilina
On Wed, Sep 8, 2010 at 1:34 PM, Daniel Callejas Albalate
<d...@nextret.net<mailto:d...@nextret.net>> wrote:
Hi,
Thanks for the reply. I import the certificate to the same keystore where is
the private key, where the previous certificate was. Firs I delete the old
certificate and then import the new. I was using a custom keystore not the
wso2carbon.jks, but in carbon .xml and mgt-transports.xml I have configured
the new keystore.
Best Regards.
De: carbon-dev-boun...@wso2.org<mailto:carbon-dev-boun...@wso2.org>
[mailto:carbon-dev-boun...@wso2.org<mailto:carbon-dev-boun...@wso2.org>] En
nombre de Thilina Mahesh Buddhika
Enviado el: martes, 07 de septiembre de 2010 19:44
Para: carbon-dev@wso2.org<mailto:carbon-dev@wso2.org>
Asunto: Re: [Carbon-dev] keystore/certificate question
If you are using ESB, then it is required to change the keystore settings of
the axis2.xml in addition to carbon.xml and mgt-transports.xml. In other
products, it is sufficient only to modify those two files.
How did you insert your custom cert, is it using a fresh keystore or by
importing the cert and the private key into the existing wso2carbon.jks?
Please elaborate more on the steps you followed.
Thanks,
Thilina
On Tue, Sep 7, 2010 at 10:56 PM, Daniel Callejas Albalate
<d...@nextret.net<mailto:d...@nextret.net>> wrote:
Hi everyone,
Im messing with the certificates and i have a question. When I change a
keystore and/or a certificate from a server, I need to change something than
carbon.xml and mgt-transports.xml?
I have changed the certificate from a server and now the server doesnt take
the correct certificate. Im using a trial certificate from thawte and when
I connect by https I see the information of the private key.
Best Regards
Att,
Daniel Callejas Albalate
________________________________________________
NexTReT - eBusiness Solutions
http://www.nextret.net<http://www.nextret.net/>
Passeig Bonanova, 9. 08022 Barcelona
Calle Fortuny, 3 28010 Madrid
Tf. (+34) 932 541 530 Fx. (+34) 934 175 062
_______________________________________________
Carbon-dev mailing list
Carbon-dev@wso2.org<mailto:Carbon-dev@wso2.org>
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
--
Thilina Mahesh Buddhika
Senior Software Engineer
WSO2 Inc. ; http://wso2.com
lean . enterprise . middleware
phone : +94 77 44 88 727
blog : http://blog.thilinamb.com
_______________________________________________
Carbon-dev mailing list
Carbon-dev@wso2.org<mailto:Carbon-dev@wso2.org>
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
--
Thilina Mahesh Buddhika
Senior Software Engineer
WSO2 Inc. ; http://wso2.com
lean . enterprise . middleware
phone : +94 77 44 88 727
blog : http://blog.thilinamb.com
_______________________________________________
Carbon-dev mailing list
Carbon-dev@wso2.org<mailto:Carbon-dev@wso2.org>
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
--
Thilina Mahesh Buddhika
Senior Software Engineer
WSO2 Inc. ; http://wso2.com
lean . enterprise . middleware
phone : +94 77 44 88 727
blog : http://blog.thilinamb.com
_______________________________________________
Carbon-dev mailing list
Carbon-dev@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
