How to create a new keystore for Automic on the Windows server using Keystore Explorer?
Release : 12.x and 21.x
Component : AUTOMATION ENGINE
The different steps necessary for creating the keystore / certificate requests and importing certs are easier to understand in GUI tool like Keystore Explorer.
See below an example of the steps to perform all these steps with Keystore Explorer.
When downloading the Keystore Explorer product for Windows, please make sure to select the installer that does not have the embedded Java:
This is due to the version of the embedded Java not being compatible with Automic Automation.
[TLS]
KEYSTORE=C:\Automic\certificates\keystore_frktest000607
; keystorePassword: Password of the keystore File
KEYSTOREPASSWORD=--103B02A4E96567743344AEF08C5B12E8E4
; keyPassword: Password for the Keys protection
KEYPASSWORD=--103B02A4E965677433071184DEFEAD58BB
; keyAlias: The name which the key is identified with.
KEYALIAS=jetty
After clicking on OK, pick the one above (the CA Root) and click on Import to add it into cacerts
It is recommended to have the ucsrv.ini hostname parameter set to the FQDN of the server. Ensure the same is part of the certificate generated.
For example:
[TCP/IP]
hostName=myserver.example.com