I'm going to explain the configuration, if someone sees something wrong please tell me
The jks it's in resources/security/tmp/keystore.jks And only contains the key and the certificate (from Thawte and not a trial) In carbon.xml I have that configuration <KeyStore> <!-- Keystore file location--> <Location>${carbon.home}/resources/security/tmp/keystore.jks</Location> <!-- Keystore type (JKS/PKCS12 etc.)--> <Type>JKS</Type> <!-- Keystore password--> <Password>[JKS_PASS]</Password> <!-- Private Key alias--> <KeyAlias>[ALIAS_OF_THE_KEY]</KeyAlias> <!-- Private Key password--> <KeyPassword>[KEY_PASS]</KeyPassword> </KeyStore> And mgt-transports.xml config it's that <parameter name="keystore">${carbon.home}/resources/security/tmp/keystore.jks</paramete r> <parameter name="keypass">[KEY_PASS]</parameter> With that configuration when I go to the main page of gs and see the security information the info correspond to the key and not to the certificate, wich means I get security advisories at the moment of load the web. Any idea? Thanks and best regards. Daniel Callejas -----Mensaje original----- De: carbon-dev-boun...@wso2.org [mailto:carbon-dev-boun...@wso2.org] En nombre de Daniel Callejas Albalate Enviado el: miércoles, 08 de septiembre de 2010 16:33 Para: carbon-dev@wso2.org Asunto: Re: [Carbon-dev] keystore/certificate question I generate a key and created a CSR to apply for a certificate in a CA. ________________________________ De: carbon-dev-boun...@wso2.org [carbon-dev-boun...@wso2.org] En nom de Thilina Mahesh Buddhika [thili...@wso2.com] Enviat el: dimecres, 8 / setembre / 2010 14:14 Per a: carbon-dev@wso2.org Tema: Re: [Carbon-dev] keystore/certificate question Properly updating the carbon.xml and mgt-transports.xml should solve the problem. Btw, did you generate a self signed certificate first and replaced that public cert with the CA signed one or just generated a key and created the CSR out of it? Thilina On Wed, Sep 8, 2010 at 4:37 PM, Daniel Callejas Albalate <d...@nextret.net<mailto:d...@nextret.net>> wrote: Yes, the certificate its imported in the same keystore where the private key is. De: carbon-dev-boun...@wso2.org<mailto:carbon-dev-boun...@wso2.org> [mailto:carbon-dev-boun...@wso2.org<mailto:carbon-dev-boun...@wso2.org>] En nombre de Thilina Mahesh Buddhika Enviado el: miércoles, 08 de septiembre de 2010 13:04 Para: carbon-dev@wso2.org<mailto:carbon-dev@wso2.org> Asunto: Re: [Carbon-dev] keystore/certificate question Hi, Did you import the certificate of Thawte to this keystore? So you generated a private key, generated a CSR out of it and sent it to for signing to Thawte and imported that signed cert back to the keystore where the private key was in. Thanks, Thilina On Wed, Sep 8, 2010 at 1:34 PM, Daniel Callejas Albalate <d...@nextret.net<mailto:d...@nextret.net>> wrote: Hi, Thanks for the reply. I import the certificate to the same keystore where is the private key, where the previous certificate was. Firs I delete the old certificate and then import the new. I was using a custom keystore not the wso2carbon.jks, but in carbon .xml and mgt-transports.xml I have configured the new keystore. Best Regards. De: carbon-dev-boun...@wso2.org<mailto:carbon-dev-boun...@wso2.org> [mailto:carbon-dev-boun...@wso2.org<mailto:carbon-dev-boun...@wso2.org>] En nombre de Thilina Mahesh Buddhika Enviado el: martes, 07 de septiembre de 2010 19:44 Para: carbon-dev@wso2.org<mailto:carbon-dev@wso2.org> Asunto: Re: [Carbon-dev] keystore/certificate question If you are using ESB, then it is required to change the keystore settings of the axis2.xml in addition to carbon.xml and mgt-transports.xml. In other products, it is sufficient only to modify those two files. How did you insert your custom cert, is it using a fresh keystore or by importing the cert and the private key into the existing wso2carbon.jks? Please elaborate more on the steps you followed. Thanks, Thilina On Tue, Sep 7, 2010 at 10:56 PM, Daniel Callejas Albalate <d...@nextret.net<mailto:d...@nextret.net>> wrote: Hi everyone, Im messing with the certificates and i have a question. When I change a keystore and/or a certificate from a server, I need to change something than carbon.xml and mgt-transports.xml? I have changed the certificate from a server and now the server doesnt take the correct certificate. Im using a trial certificate from thawte and when I connect by https I see the information of the private key. Best Regards Att, Daniel Callejas Albalate ________________________________________________ NexTReT - eBusiness Solutions http://www.nextret.net<http://www.nextret.net/> Passeig Bonanova, 9. 08022 Barcelona Calle Fortuny, 3 28010 Madrid Tf. (+34) 932 541 530 Fx. (+34) 934 175 062 _______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org<mailto:Carbon-dev@wso2.org> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- Thilina Mahesh Buddhika Senior Software Engineer WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 77 44 88 727 blog : http://blog.thilinamb.com _______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org<mailto:Carbon-dev@wso2.org> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- Thilina Mahesh Buddhika Senior Software Engineer WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 77 44 88 727 blog : http://blog.thilinamb.com _______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org<mailto:Carbon-dev@wso2.org> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- Thilina Mahesh Buddhika Senior Software Engineer WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 77 44 88 727 blog : http://blog.thilinamb.com _______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev