Generating ECF Java Keystore
This procedure uses the default certificate file ecfs_keystore and the default alias ecf_server. If you use some other names, make sure you enter them in IA:
-
Certificate file:
-
Alias:
-
Open a Command Prompt window:
and then run the command cmd. -
Run mmc.
-
Choose
The Add or Remove Snap-in window opens.
-
Choose Certificates and click Add.
A wizard opens.
-
Select Computer account and click Next.
-
Select Local computer: (the computer this console is running on) and click Finish.
-
Click OK.
-
Right-click the IP/FQDN of the server for which you created the certificate and choose
.The Certificate Export Wizard window opens.
-
Click Next.
-
Select Yes, export the private key and click Next.
-
Select Personal Information Exchange - PKCS #12 (.PFX) and Include all certificates in the certification path if possible and then click Next.
-
Create a password, enter it and click Next. Use this same password for Keystore created below, othervice ECF Web Server / Tomcat cannot open the certificate. Both passwords are using the value of Certificate Key File Password for NIO Connector parameter of ECF Web Server package in IA.
-
Choose the place where you save the file and enter the file name ecfcert.pfx and click Next.
-
Click Finish.
-
Go to Command Prompt to generate the file and run the following command:
keytool -importkeystore -srckeystore ecfcert.pfx -srcstoretype pkcs12 -destkeystore ecfs_keystore -deststoretype JKS
-
To change the alias created by the keytool, do the following:
-
Get the current alias by running the following command:
keytool -list -keystore ecfs_keystore
-
Copy the alias from the list and place it in the command below.
-
To replace the alias, run the following command:
keytool -changealias -alias "[copy the alias here]" -destalias "ecf_server" -keystore ecfs_keystore
-
When you have installed the ECF packages, create a folder called ecf in the root directory of the ECF virtual unit and place ecfs_keystore there.