Skip to content
Snippets Groups Projects
Commit 4242f196 authored by Henrik tom Wörden's avatar Henrik tom Wörden Committed by Quazgar
Browse files

DOC: note on cert

parent 1d4afdb1
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 1 deletion
README_SETUP.md
+ 2
1
View file @ 4242f196
...@@ -75,7 +75,8 @@ server: ...@@ -75,7 +75,8 @@ server:
- `keytool -genkey -keyalg RSA -alias selfsigned -keystore caosdb.jks -validity 375 -keysize 2048 -ext san=dns:localhost` - `keytool -genkey -keyalg RSA -alias selfsigned -keystore caosdb.jks -validity 375 -keysize 2048 -ext san=dns:localhost`
Replace `localhost` by your host name, if you want. Replace `localhost` by your host name, if you want.
- `keytool -importkeystore -srckeystore caosdb.jks -destkeystore caosdb.p12 -deststoretype PKCS12 -srcalias selfsigned` - `keytool -importkeystore -srckeystore caosdb.jks -destkeystore caosdb.p12 -deststoretype PKCS12 -srcalias selfsigned`
- `openssl pkcs12 -in caosdb.p12 -nokeys -out cert.pem` - Export the public part only: `openssl pkcs12 -in caosdb.p12 -nokeys -out cert.pem`.
The resulting ``cert.pem` can safely be given to users to allow ssl verification.
- You can check the content of the certificate with `openssl x509 -in cert.pem -text` - You can check the content of the certificate with `openssl x509 -in cert.pem -text`
Alternatively, you can create a keystore from certificate files that you already have: Alternatively, you can create a keystore from certificate files that you already have:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment