IBM FileNet P8, Version 5.2.1            

Creating the keystore on JBoss

The application server requires a keystore to hold the certificate that identifies Content Platform Engine and a self-signed certificate or a third-party certificate.

About this task

You can create a single keystore to use as both the identity keystore and the server truststore for JBoss. Or, you can create one keystore to use as the identity keystore, and use the Java™ standard truststore in JAVA_HOME\jre\lib\security\cacerts to import all trusted certificates.

Procedure

To create the keystore:

  1. From the command line, change to a directory where you want to create the keystore. For best results, use a directory in your application server installation directory. For example, navigate to the JBOSS_HOME/server/server_name/conf directory.
  2. Generate a self-signed server certificate by entering the following command:
    keytool -genkeypair -alias cpe-alias -keypass YourKeyPassword
     -keyalg RSA -validity NumberOfDays -keystore server.keystore -storepass YourStorePassword
     -dname "CN=YourHostName, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown"
    Restriction:

    If you plan to verify the host name later, you must include the -dname option as shown.

  3. Verify that the certificate was created in the keystore by entering the following command:
    keytool -list -v -keystore server.keystore -storepass YourStorePassword


Last updated: March 2016
p8pcc368.htm

© Copyright IBM Corporation 2016.