Steps to convert and import a Certificate file to a Truststore file
search cancel

Steps to convert and import a Certificate file to a Truststore file

book

Article ID: 399023

calendar_today

Updated On:

Products

CA Test Data Manager (Data Finder / Grid Tools)

Issue/Introduction

As a part of IT security assessment, our DBA has replaced the old self-signed certificate with new certificates for our DB2 servers. The DBA has shared the certificate files with us in the .cer1 format. Please suggest how to convert and import the files to a truststore, which can be used by Fast Data Masker

Environment

All supported release of TDM Portal and FDM

Resolution

If you were only given the certificate file, then you can use the Java Keytool command-line utility to generate a TrustStore file and import the certificate into the TrustStore.

  1. Open a Windows command line. (As Administrator if possible)

  2. Navigate to C:\Program Files\CA\CA Test Data Manager Portal\jre\bin (for TDM Portal) or C:\Program Files\Grid-Tools\FastDataMasker\jre\bin (for FDM)

    Note: If TDM Portal and FDM are installed on the same server, you can use the same truststore file for both applications. You only need to create the truststore file once.

  3. Generate the TrustStore file by running the following command:

    keytool -import -file [path\certificate filename] -alias [aliasname for the certificate] -keystore [path/myTrustStorefile] -storetype PKCS12 -storepass [TrustStore_password]

Where:

    • - file [path\certificate filename] is the fully qualified path to the certificate file you wish to import.

    • -alias [aliasname for the certificate] is the alias name given to the certificate. If your certificate contains an alias, you need to use the same alias name.

    • -keystore [path/myTrustStorefile] is the fully qualified path to where you want to place your TrustStore file.

    • -storepass [TrustStore_password] is the password you would like to assign to your TrustStore file, if you want to password-protect the file.

For example:

keytool -import -file "C:/Users/user1/Downloads/new_ca_cert.ce" -alias DB2ServerName -keystore "C:/Program Files/CA/CA Test Data Manager Portal\conf\.truststore" -storetype PKCS12 -storepass Password1234!

If you create the TrustStore file with a password, you will need to record what you made the password, in case you need to import additional certificates in the future.  If you have more than one certificate to import, you will need to run the import file for each certificate, changing the -file and -alias for each of the certificates.

Additional Information

To configure the TDM Portal connection profile, and the FDM connection file to use a secure DB2 connections, see How to configure a secure DB2 Connection in TDM Portal and FDM

.

Powered by Wolken Software