Importing SSL Certificate
You are looking at an older version of the documentation. The latest version is found here.
Getting Certificate from Remote Host
The certificate needs to be downloaded from the host. There are different ways to obtain such a certificate:
- Via browser:
- For web services: use the browser built-in mechanism to download a certificate;
- FTPS: use Firefox browser with the fireFTP addon (does not work in Google Chrome).
Via the command line using
openssl
:BASHopenssl s_client -connect <host>:<port> -starttls ftp > <cert>.pem
The-starttls ftp
option is only needed for FTPS certificates.
Importing Certificate into Data Virtuality Server
The certificate obtained from the remote host needs to be imported into the keystore of the JDK used by the Data Virtuality Server.
The default password for the java keystore is changeit
, and the keytool to modify the keystore is shipped with Java and can be found in the JDK/bin folder.
Importing Certificate into Data Virtuality Server Using Embedded JDK
Data Virtuality Servers uses an embedded JDK, so the certificate needs to be imported into the keystore of this JDK as follows:
keytool -keystore /opt/datavirtuality/dvserver/JDK/lib/security/cacerts -import -alias <alias> -file /path/to/cert -storepass changeit