WLP: Adicionando um certificado TLS como confiável na Liberty trust store: Difference between revisions
No edit summary |
No edit summary |
||
(One intermediate revision by the same user not shown) | |||
Line 12: | Line 12: | ||
3) Removendo caso já exista | 3) Removendo caso já exista | ||
<small><IHS_HOME>/java/8.0/jre/bin/ | <small><IHS_HOME>/java/8.0/jre/bin/ikeycmd -cert -delete -db "<wlp_root>/usr/servers/defaultServer/resources/security/key.jks" \ | ||
-pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null</small> | -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null</small> | ||
4) Salvando no key store do Liberty | 4) Salvando no key store do Liberty | ||
<small><IHS_HOME>/java/8.0/jre/bin/ | <small><IHS_HOME>/java/8.0/jre/bin/ikeycmd -cert -add -db "<wlp_root>/usr/servers/defaultServer/resources/security/key.jks" \ | ||
-file "<wlp_root>/usr/servers/defaultServer/resources/security/NOME_DO-ARQUIVO.cer" \ | -file "<wlp_root>/usr/servers/defaultServer/resources/security/NOME_DO-ARQUIVO.cer" \ | ||
-pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null</small> | -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null</small> | ||
Line 27: | Line 27: | ||
[[Category: WAS Liberty]] | [[Category: WAS Liberty]] | ||
[[Category: WAS]] | [[Category: WAS]] | ||
[[Category: Certificados TLS]] | [[Category:Certificados TLS]] | ||
[[Category: | [[Category:OpenSSL]] | ||
[[Category: ikeyman]] | [[Category:ikeyman]] |
Latest revision as of 21:16, 7 December 2023
Procedimento
1) Vá ao diretório do Liberty
cd <wlp_root>/usr/servers/defaultServer/resources/security
2) Download do certificado
openssl s_client -connect <HOST:PORT> </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > <NOME_DO-ARQUIVO.cer>
3) Removendo caso já exista
<IHS_HOME>/java/8.0/jre/bin/ikeycmd -cert -delete -db "<wlp_root>/usr/servers/defaultServer/resources/security/key.jks" \ -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null
4) Salvando no key store do Liberty
<IHS_HOME>/java/8.0/jre/bin/ikeycmd -cert -add -db "<wlp_root>/usr/servers/defaultServer/resources/security/key.jks" \ -file "<wlp_root>/usr/servers/defaultServer/resources/security/NOME_DO-ARQUIVO.cer" \ -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null