WLP: Adicionando um certificado TLS como confiável na Liberty trust store: Difference between revisions
No edit summary |
|||
| Line 27: | Line 27: | ||
[[Category: WAS Liberty]] | [[Category: WAS Liberty]] | ||
[[Category: WAS]] | [[Category: WAS]] | ||
[[Category: | [[Category: Certificados TLS]] | ||
[[Category: openssl]] | |||
[[Category: ikeyman]] | |||
Revision as of 11:37, 29 September 2022
Procedimento
1) Vá ao diretório do Liberty
cd <wlp_root>/usr/servers/defaultServer/resources/security
2) Download do certificado
openssl s_client -connect <HOST:PORT> </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > <NOME_DO-ARQUIVO.cer>
3) Removendo caso já exista
<IHS_HOME>/java/8.0/jre/bin/java com.ibm.gsk.ikeyman.ikeycmd -cert -delete -db "<wlp_root>/usr/servers/defaultServer/resources/security/key.jks" \ -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null
4) Salvando no key store do Liberty
<IHS_HOME>/java/8.0/jre/bin/java com.ibm.gsk.ikeyman.ikeycmd -cert -add -db "<wlp_root>/usr/servers/defaultServer/resources/security/key.jks" \ -file "<wlp_root>/usr/servers/defaultServer/resources/security/NOME_DO-ARQUIVO.cer" \ -pw <PASSWORD> -label <LABEL_CERTIFICADO> > /dev/null