|
|
|
Using an OpenSSL Certificate with Reflection for the Web
Technical Note 1864
Last Reviewed 30-May-2008
Applies To
Reflection for the Web 2008 (All Editions)
Reflection for the Web version 8.0 through 9.x
Summary
Technical Note 1864
Last Reviewed 30-May-2008
Applies To
Reflection for the Web 2008 (All Editions)
Reflection for the Web version 8.0 through 9.x
Summary
This technical note describes the steps to follow to convert an OpenSSL certificate to a format that can be used by the Reflection for the Web's certificate wizard. Once converted, you will import the certificate to Tomcat's certificate keystore.
Converting the Certificate
If you have a certificate generated by an Apache server, the certificate format must be converted to a format (pkcs12) recognized by the Reflection for the Web certificate wizard. Follow these steps to convert your certificate.
- Locate your Apache-generated certificate. It is typically located in the folder that contains the private key and certificate request file.
- Create the pkcs12 package by executing the following command, replacing <myCert> with the name of your Apache certificate:
openssl pkcs12 –export –inkey <myPrivateKey> –in <myCert> –out <myExportedFile>.pfxExecuting the command above creates a file called <myExportedFile>.pfx in your current folder.
Importing the Converted Certificate
Once your Apache certificate is converted to a *.pfx file, you can import the converted certificate to the Reflection management server using the Certificate Wizard.
- Stop the Tomcat server.
- Launch the Certificate Wizard, located in <install directory>/utilities/CertWizard.sh.
- Select a language and follow the prompts to the panel that offers several certificate options: generate, import, update, or copy.
View Full Size
Select "Import a new CA-signed certificate," and click Next.
- Browse to your converted certificate (*.pfx).
- Follow the prompts to finish the wizard.
- Restart the Tomcat server.
