Versions Compared

Old Version 31

changes.mady.by.user Victor Laurencena

Saved on

compared with

New Version Current

changes.mady.by.user Victor Laurencena

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated GoDaddy repository link

...

If you want to obtain a CA-signed certificate, use the steps below to obtain a certificate signed by a well-known CA. The role of a CA is to verify that the IDERA Dashboard Web Application you are trying to access actually has the name you are trying to access it by and that this server actually belongs to your organization.

Obtaining a CA-signed certificate

Certificates are issued by trusted third-party Certification Authorities (CAs). Many CAs simply verify the domain name and issue the certificate, whereas others (VeriSign, etc.) verify the existence of your business, the ownership of your domain name, and your authority to apply for the certificate, providing a higher standard of authentication.

...

Generating a certificate request

Before the CA can issue you the certificate, you should generate a private key and the certificate request and send it to the CA for signing. The certificate request and the private key should be generated using the openssl command unless otherwise instructed by the CA.

Info

While generating the private key and certificate request, replace the openssl command with the full path to binary, for example, C:\Openssl\bin\openssl.

Importing the certificate into the Trust-Store

The following steps show you how to install an SSL certificate purchased from a Certification Authority. Your SSL vendor may have different instructions, please check with them for proper certificate installation. The following examples refer to GoDaddy and VeriSign.

  1. Copy your private Key file (wildcard.idera.com.key) and Certificate file (wildcard.idera.com.crt) in PEM format, on the root directory where IDERA Dashboard Services host (i.e. "C:\Program Files\Idera\Dashboard").
  2. Download OpenSSL for Windows from
    Newtab2
    aliashttp://gnuwin32.sourceforge.net/packages/openssl.htm
    urlhttp://gnuwin32.sourceforge.net/packages/openssl.htm
    . Select the ‘Complete package, except sources’ option, and copy the .exe file in the root file where the IDERA Dashboard services host, right-click and Run as Administrator to install the program.
  3. Start a Windows Command Prompt by clicking Start > Command Prompt (right-click on Command Prompt to run as Administrator). Alternatively, you can go to Start > Run and then type cmd without quotes and press <Enter>.
  4. Use the cd C:\ command to go to the root directory of the disk C:\, where you copied the Key and Certificate files.
  5. Run the following commands to convert the key and the certificate from PEM to DER format.
    "C:\OpenSSL\bin\openssl" pkcs8 -topk8 -nocrypt -in wildcard.idera.com.key -inform PEM -out wildcard.idera.com.key.der -outform DER
    "C:\OpenSSL\bin\openssl" x509 -in wildcard.idera.com.crt -inform PEM -out wildcard.idera.com.crt.der -outform DER
  6. Use the cd command to go to the directory where the keytool is located:
    cd "C:\Program Files\Idera\Dashboard\WebApplication\JRE\bin\"
  7. To create the new keystore file, you have to download the ImportKey utility
    Newtab2
    aliashttps://discourse.igniterealtime.org/uploads/default/original/2X/2/2638b26131247f7d11132bd2e3fba0e1ec87156b.zip
    urlhttps://discourse.igniterealtime.org/uploads/default/original/2X/2/2638b26131247f7d11132bd2e3fba0e1ec87156b.zip
    .
  8. Access IDERA’s FTP server by navigating to the path 
    Newtab2
    aliasftp://downloads.idera.com/
    urlftp://downloads.idera.com/
    in Internet Explorer (then follow the instructions on that page to log in), or by using the link in Windows File Explorer. Use the following credentials:
    Username: ImportKeyDownload
    Password: 03gXm6tv
  9. Unzip the ImportKey utility to C:\Program Files\Idera\Dashboard\WebApplication\JRE\bin\ directory.

  10. In your Command Promp window, run the following command. It will launch the ImportKey utility and create the keystore file (default name is keystore.ImportKey) in your home directory (in Windows 2008 it is usually C:\Users\<your username>). The private key and the certificate will be placed there.
    java ImportKey c:\wildcard.idera.com.key.der c:\wildcard.idera.com.crt.der

    Info

    The keystore and key passwords both must be set to password. To do this, proceed with the next step.

  11. The following command allows you to set the password for your keystore file. The default password is importkey. Enter it when prompted, in your Command Promp window, and then type the new password, which must be set to password.
    keytool -storepasswd -keystore c:\Users\Administrator\keystore.ImportKey
  12. This command will allow you to set the password for the key file in the keystore. The default password is importkey. Enter it when prompted, and then type the new password, which must be set to password.
    keytool -keypasswd -alias importkey -keystore c:\Users\Administrator\keystore.ImportKey
  13. Use Internet Explorer to download the intermediate certificate chain for the Certification Authority (CA). For example, point Internet Explorer to
    Newtab2
    aliashttps://certificatescerts.godaddy.com/repository/
    urlhttps://certificatescerts.godaddy.com/repository/
    .
  14. Save the intermediate certificate chain to the root directory of the disk C:\ on the server hosting the IDERA Dashboard services.

  15. Import the received trusted certificate into your keystore file, by running the following command in your Command Promp window:
    keytool -import -alias intermed -file c:\sf_issuing.crt -keystore c:\Users\Administrator\keystore.ImportKey -trustcacerts

    Info

    Internet Explorer may change the file extension. If the command above does not work, try sf_issuing.cer instead of sf_issuing.crt.

  16. Open Windows File Explorer on the machine hosting the IDERA Dashboard services. Navigate to the following directory C:\Program Files\Idera\Dashboard\WebApplication\
  17. Rename the file keystore to keystore.old.
  18. Then rename the file C:\Users\<your username>\keystore.ImportKey to C:\Program Files\Idera\Dashboard\WebApplication\conf\keystore, and move that file into “C:\Program Files\Idera\Dashboard\WebApplication\conf”.
  19. Finally, restart the IDERA Dashboard Web Application service to complete the setup, and log into the IDERA Dashboard to verify that the certificate has been successfully applied.

...

Read more about Java keytool for Windows:

Newtab2
aliashttp://java.sun.com/javase/6/docs/technotes/tools/windows/keytool.html
urlhttp://java.sun.com/javase/6/docs/technotes/tools/windows/keytool.html



Scroll pdf ignore
Excerpt

Newtabfooter
aliasIDERA
urlhttp://www.idera.com
|
Newtabfooter
aliasProducts
urlhttps://www.idera.com/productssolutions/sqlserver
|
Newtabfooter
aliasPurchase
urlhttps://www.idera.com/buynow/onlinestore
|
Newtabfooter
aliasSupport
urlhttps://idera.secure.force.com/
|
Newtabfooter
aliasCommunity
urlhttp://community.idera.com
|
Newtabfooter
aliasResources
urlhttp://www.idera.com/resourcecentral
|
Newtabfooter
aliasAbout Us
urlhttp://www.idera.com/about/aboutus
 |
Newtabfooter
aliasLegal
urlhttps://www.idera.com/legal/termsofuse