Please Note: These are general guidelines, It is always advised to refer the instructions published by respective CAs to import SSL certificate into tomcat server.
-----------------------------------------------------------
Step 1 Updating Keystore
Input Fully Qualified Domain Name details to ManageEngine AnalyticsPlus Keystore.
keytool -genkey -alias analytics -keyalg RSA -keystore server.keystore
Enter the password as 'accounts' (do not change this)
If you use your own password, you need to update it in the following files after the keyword keystorePass
<ManageEngine AnalyticsPlus>/conf/server.xml
Fill in the details and Note : The first prompt asking for name denotes CN, so mention your domain name
To delete an entry use
keytool -delete -alias analytics -keystore server.keystore
Step 2 Import CA into keystore
keytool -import -alias root -keystore server.keystore -trustcacerts -file <root certificate>
Place the .pem and .key file under this folder of OpenSSL (C:\Program Files (x86)\GnuWin32in)
If OpenSSL is not installed, please install to proceed
Using Command Prompt, go to OpenSSL installation folder location (Ex: C:Program Files (x86)GnuWin32\bin)
Execute the below command (mydomain.com --> is the actual domain url that is to be used)
openssl pkcs12 -export -in <.pem file> -inkey <.key file> -out ./mydomain.com.p12
Copy the mydomain.com.p12 from the location C:\Program Files (x86)\GnuWin32\bin and place it under ManageEngine AnalyticsPlus\jre\bin
Execute the command using the command prompt,
keytool -importkeystore -srckeystore ./mydomain.com.p12 -srcstoretype PKCS12 -destkeystore server.keystore
Step 3 Updating the changes in all modules
- Stop all ManageEngine AnalyticsPlus services.
- Replacing the existing server.keystores'
- Please copy the server.keystore file in the <ManageEngine AnalyticsPlus>\jre\bin directory to the following locations
ManageEngine AnalyticsPlus\conf
- Start all ManageEngine AnalyticsPlus services.
C:\ManageEngine\AnalyticsPlus\conf
keystorePass="accounts" keystoreFile="conf/server.keystore"
keystorePass="your pfx password" keystoreFile="conf/name.pfx" keystoreType="pkcs12"
Install a .P7b Certificate
-----------------------------
Some CA will provide the certificates with an extension .p7b. In such a case you can double click on this file to open a console which will list all the required certificates. You can export these certificates to Base-64 encoded X.509 (.cer) files.
These certs can then be installed onto the keystore file using the instructions given in Step 3.
To export the certificate,
Commands to install certificates of some common vendors
Please find below the commands you need to use to install certificates of some common vendors.
NOTE: These instructions might change depending on the Certificates issued by the CA.
GoDaddy
If your CA is "GoDaddy", then the steps to follow will be:
keytool -import -alias root -keystore server.keystore -trustcacerts -file gd_bundle.crt
keytool -import -alias cross -keystore server.keystore -trustcacerts -file gd_cross_intermediate.crt
keytool -import -alias intermediate -keystore server.keystore -trustcacerts -file gd_intermediate.crt
keytool -import -alias <Alias Specified when creating the Keystore> -keystore server.keystore -trustcacerts -file <CertificateName>.crt
Verisign
If your CA is "Verisign", then the steps to follow will be:
keytool -import -alias root -keystore server.keystore -trustcacerts -file <your_root_certificate_name>.cerkeytool -import -alias intermediateCA -keystore server.keystore -trustcacerts -file <your_intermediate_certificate_name>.cer
keytool -import -alias <Alias Specified when creating the Keystore> -keystore server.keystore -trustcacerts -file <CertificateName>.cer
Comodo
If your CA is "Comodo", then the steps to follow will be:
keytool -import -trustcacerts -alias root -file AddTrustExternalCARoot.crt -keystore server.keystore
keytool -import -trustcacerts -alias addtrust -file UTNAddTrustServerCA.crt -keystore server.keystore
keytool -import -trustcacerts -alias ComodoUTNServer -file ComodoUTNServerCA.crt -keystore server.keystore
keytool -import -trustcacerts -alias essentialSSL -file essentialSSLCA.crt -keystore server.keystore
keytool -import -trustcacerts -alias <Alias Specified when creating the Keystore> -file <Certificate-Name>.crt -keystore server.keystore
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.