Versions Compared

Old Version 5

changes.mady.by.user David E Tanner

Saved on

compared with

New Version 6

changes.mady.by.user David E Tanner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Answer *yes* when prompted for *Trust this certificate? \ [no\]:*

The serverTrustStore.jks should now contain only the mitca and mitclientca certificates.  You can verify this by using the following command line:

    keytool -list -keystore serverTrustStore.jks

And you should get something similar to:

    Your keystore contains 2 entry

    mitca, Sep 20, 2007, trustedCertEntry,
    Certificate fingerprint (MD5): F6:F0:04:3B:10:F9:5C:CE:0B:9E:0C:A0:DA:36:93:2A
    mitclientca, Aug 30, 2007, trustedCertEntry,
    Certificate fingerprint (MD5): CF:41:AB:E1:03:6D:F8:21:37:55:62:C1:EF:18:71:96

Panel

You will need to obtain the MIT CA and the MIT Client CA certificates.

For the MIT CA certificate, go to: http://ca.mit.edu/mitca.crt and down load and save the certificate.
For the MIT Client CA certificate, go to: http://ca.mit.edu/mitClient.crt and down load and save the certificate.

To create the server trust store, use the following command lines:

    keytool -import -keystore serverTrustStore.jks -alias mitca -file mitca.cer
    keytool -import -keystore serverTrustStore.jks -alias mitclientca -file mitClient.cer

When prompted for a password, use a password that is well known to you.  Don't forget this password because you will need it when configuring an application to use this keystore.

Wiki Markup