[ https://issues.apache.org/jira/browse/KNOX-477?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14238064#comment-14238064 ]
ASF subversion and git services commented on KNOX-477: ------------------------------------------------------ Commit 1643865 from [~lmc...@apache.org] [ https://svn.apache.org/r1643865 ] KNOX-477 - better docs for certificate management > Document the use of openssl and keytool to import cert for gateway SSL > ---------------------------------------------------------------------- > > Key: KNOX-477 > URL: https://issues.apache.org/jira/browse/KNOX-477 > Project: Apache Knox > Issue Type: Bug > Components: Site > Reporter: Larry McCay > Assignee: Larry McCay > > * created a private key using openssl - "openssl genrsa -out privatekey.pem > 1024" > * created cert using openssl - "openssl req -new -x509 -key privatekey.pem > -out publickey.cer -days 1825" > * converted them to a PKCS12 store using openssl - "openssl pkcs12 -export > -out public_privatekey.pfx -inkey privatekey.pem -in publickey.cer" > * import PKCS12 store into gateway.jks using keytool - "keytool > -importkeystore -srckeystore public_privatekey.pfx -srcstoretype PKCS12 > -keystore gateway.jks" > * changed the alias of the imported key pair to "gateway-identity" using > keytool - "keytool -changealias -alias "1" -destalias "gateway-identity" > -keystore gateway.jks -storepass knoxpw" > * changed the key passphrase to something that I could know using keytool - > "keytool -keypasswd -alias gateway-identity -keystore gateway.jks" > * provisioned the key passphrase into __gateway-credentials.jceks using > knoxcli.sh create-alias gateway-identity-passphrase - "bin/knoxcli.sh > create-alias gateway-identity-passphrase" > NOTE: You have to make sure that the keystore passwords are the same as the > master secret for the knox instance. If you are unsure of the master secret > then create a new one before you start the above: "bin/knoxcli.sh > create-master" -- This message was sent by Atlassian JIRA (v6.3.4#6332)