- Generate two certificates with below combinations
- Certificate one: keyUsage=critical,digitalsignature extendedKeyUsage=serverAuth,clientAuth
- Certificate two: keyUsage=critical,digitalsignature extendedKeyUsage=codeSigning
- Import key's pertaining to both certificate in custom-keystore.jks file
- Use 1st certificate to enable SSL for ROC i.e. pointing this particular certificate alias etc. in server.xml of Data Management Server
- Use 2nd certificate to enable SSL for ASAP by using it to generate custom-truststore.jar and signing the same.
Please find step sequence to enable SSL for ASAP studio in case of two different certificates (importing key into custom-keystore is mentioned in details in reference document in additional information)
as mentioned above. We are assuming in below steps certificate-one and certificate-two are alias for certificate one and two and below sequence is difference with respect to two certificate for enabling SSL on ASAP.
1: Generate nolio.jks using the certificate created for ROC
keytool -importcert -alias certificate-one
-file <FILE_NAME> -keystore nolio.jks -v -rfc
2: Packed this nolio.jks into the JAR file custom-truststore.jar
Note: For more details around steps on how to enable SSL for CA RA please visit product document the reference of which is provided in additional information section.
3: Signed the custom-truststore JAR file with the authorized certificate for code signing.
jarsigner -keystore custom-keystore.jks -verbose -keypass **** -storepass **** custom-truststore.jar certificate-two
4: Copied this custom-truststore.jar file into ReleaseAutomationServer\webapps\nolio-app\apps\v2.0.0\lib folder
5: Execute cmd javaws -uninstall