To use a secure SSL connection, import a server certificate and add it to the Java
KeyStore.
始める前に
Role required: admin
You must obtain the server certificate and matching private key before adding it to
the Java KeyStore.
手順
-
Generate a Certificate Signing Request (CSR) using the
openssl
command.
openssl req -newkey rsa:2048 -keyout PRIVATEKEY.key -out MYCSR.csr
-
Send your CSR (MYCSR.csr in the example above) to your certificate authority to
have it signed.
-
Create a P12 keystore for import using the
openssl
command.
openssl pkcs12 -export -in MYSIGNEDCERT.pem -inkey PRIVATEKEY.key -name shared > MY_SERVER.p12
-
Store your certificate and private key into a jceks file.
keytool -importkeystore -destkeystore keystore.jceks -deststoretype jceks -srckeystore MY_SERVER.p12 -srcstoretype pkcs12 -alias MYALIAS
The
alias, shown in the example as
MYALIAS can be any value. You
will use this alias in the
edgeencryption.proxy.https.cert.alias property in the
edgeencryption.properties file located in the
<installation directory>/conf/ folder.
-
Stop and restart the edge proxy.
注: During a restart, the proxy server is offline for a short time. The amount
of time is determined by your environment and how long it takes to stop and
restart the proxy service.