If a wildcard certificate has been provided in either a .pfx or .p12 format, we would need a procedure to import this certificate into UMP. This document describes the tasks on how to import a given a wildcard certificate .pfx file with *.mydomain.com as the domain, import this certificate to wasp and (optionally) apply automatic HTTPS redirects.
By default, you cannot import these types of certificates into the UMP certificate store following the procedure describes in our documentation on how to enable Https in UMP.
Any version of UIM
This can be very challenging for several reasons. Since a Certificate Sign Request (CSR) was not generated from wasp, the keystore does not currently have any knowledge of the private key used to generate the cert request. Also, Java can be very particular about the format it expects the key to be in. Another potential hurdle is the fact that the keytool application shipped as part of older versions of Java provided all the functionality to generate a private key and CSR from a Java keystore, but did not allow the importing of a preexisting private key or certificate generated externally. This was fixed in Java 6. The solution is to convert the existing certificate and key into a PKCS12 file, and then use keytool to merge one keystore with another. Java 6 (or higher) can treat a PKCS12 file as a keystore. The most recent java_jre in the Nimsoft archive is 1.8. which meets this requirement.
openssl pkcs12 -in mypfxfile.pfx -out mypemfile.pem
openssl pkcs12 -export -in mypemfile.pem -out mykeystore.p12 -name wasp
The name switch above represents the alias that will be assigned to this keystore, wasp in this case.2. Import the PKC12 certificate to the wasp.keystore location, by default: C:\Program Files (x86)\Nimsoft\probes\service\wasp\conf
In a command prompt, navigate to: C:\Program Files (x86)\Nimsoft\probes\service\wasp\conf3. Issue the following command:
C:\Program Files (x86)\Nimsoft\jre\jre8u102\bin\keytool -list -alias wasp -keystore wasp.keystore
Enter keystore password:
wasp, Nov 1, 2011, PrivateKeyEntry,
Certificate Fingerprint (MD5):4D:E8:79:84:4E:64:70:AD:4D:A9:A3:BF:BE:C5:F6:B3
C:\Program Files (x86)\Nimsoft\jre\jre8u102\bin\keytool -importkeystore -deststorepass p12password
-destkeypass pemPassword -destkeystore wasp.keystore -srckeystore mykeystore.p12 -srcstoretype PKCS12
-srcstorepass srcstorepass -alias wasp
Existing entry alias wasp exists, overwrite? [no]:? yes
6. Enter keystore password: