Versions Compared

Old Version 25

changes.mady.by.user Daniela Villalobos

Saved on

compared with

New Version 26

changes.mady.by.user Daniela Villalobos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following steps show you how to install a SSL certificate purchased from a Certification Authority. Your SSL vendor may have different instructions, please check with them for proper certificate installation. The following examples refer to GoDaddy and VeriSign.

To enable a certificate, use the Java keytool - a key and certificate management utility. The keytool stores the keys and certificates in a so-called keystore.

...

  1. Copy your private Key file (wildcard.idera.com.key) and

...

  1. Certificate file

...

  1. (wildcard.idera.com.crt

...

  1. ) in PEM format, on the root directory where IDERA Dashboard Services host (i.e.

...

  1. "C:\Program Files\Idera\Dashboard").
  2. Download

...

  1. OpenSSL for Windows

...

  1. from
    Newtab2
    aliashttp://gnuwin32.sourceforge.net/packages/openssl.htm
    urlhttp://gnuwin32.sourceforge.net/packages/openssl.htm
    . Select the ‘Complete package, except sources’ option, and copy the .exe file in the root file where the IDERA Dashboard services host, right click and Run as Administrator to install the program.
  2. Start a Windows Command Prompt by clicking clicking Start > Command Prompt (right-click on Command Prompt to run as Administrator). Alternatively, you can go to to Start > Run and  and then type type cmd without  without quotes and press <Enter>.
  3. Use Use the cd C: and then cd\ commands  command to go to the root directory of the disk C:\, where you copied the key and certificates are locatedKey and Certificate files.
  4. Run the following commands to convert the key and the certificate from PEM to DER format.
    "C:\OpenSSL\bin\openssl" pkcs8 -topk8 -nocrypt -in wildcard.idera.com.key -inform PEM -out wildcard.idera.com.key.der -outform DER
    "C:\OpenSSL\bin\openssl" x509 -in wildcard.idera.com.crt -inform PEM -out wildcard.idera.com.crt.der -outform DER
  5. Use the cd command to go to the directory where the keytool is located.:
    cd "C:\Program Files\Idera\Dashboard\WebApplication\JRE\bin\"
  6. Use Internet Explorer To create the new keystore file, you have to download the ImportKey utility .Point Internet Explorer to
    Newtab2
    aliashttphttps://discourse.igniterealtime.jiveon.com/servlet/JiveServlet/download/196707-4718/importkeyorg/uploads/default/original/2X/2/2638b26131247f7d11132bd2e3fba0e1ec87156b.zip
    urlhttphttps://discourse.igniterealtime.jiveon.com/servlet/JiveServlet/download/196707-4718/importkey.zip
    . Unzip the
    .org/uploads/default/original/2X/2/2638b26131247f7d11132bd2e3fba0e1ec87156b.zip
    .
  7. Access IDERA’s FTP server by navigating to the path 
    Newtab2
    aliasftp://downloads.idera.com/
    urlftp://downloads.idera.com/
    in Internet Explorer (then follow the instructions on that page to login), or by using the link in Windows File Explorer. Use the following credentials:
    Username: ImportKeyDownload
    Password: 03gXm6tv
  8. Unzip the ImportKey utility to C:\Program Files\Idera\Dashboard\WebApplication\JRE\bin\ directory.

  9. Run In your Command Promp window, run the following command. It will launch the ImportKey utility and create the keystore file (default name is keystore.ImportKey) in your home directory (in Windows 2008 it is usually C:\Users\<your username>). The private key and the certificate will be placed there.
    java ImportKey c:\wildcard.idera.com.key.der c:\wildcard.idera.com.crt.der

    Info

    The keystore and key passwords both must be set to to password. To do this, proceed with the next step.

  10. The following command allows you to set the password for your keystore file. The default password is importkey. Enter it when prompted, in your Command Promp window, and then type the new password, which must be set to password.
    keytool -storepasswd -keystore c:\Users\Administrator\keystore.ImportKey
  11. This command will allow you to set the password for the key file in the keystore. The default password is importkey. Enter it when prompted, and then type the new password, which must be set to password.
    keytool -keypasswd -alias importkey -ketstore keystore c:\Users\Administrator\keystore.ImportKey
  12. Use Internet Explorer to download the intermediate certificate chain for the Certification Authority (CA). For example, point Internet Explorer to
    Newtab2
    aliashttps://certificates.godaddy.com/repository/sf_issuing.crt
    urlhttps://certificates.godaddy.com/repository/sf_issuing.crt
    .
  13. Save the intermediate certificate chain to the root directory of the disk C:\ on the server hosting the IDERA Dashboard services.

  14. Import the received trusted certificate into your keystore file., by running the following command in your Command Promp window:
    keytool -import -alias intermed -file c:\sf_issuing.crt -keystore c:\Users\Administrator\keystore.ImportKey -trustcacerts

    Info

    Internet Explorer may change the file extension. If the command above does not work, try sf_issuing.cer instead of sf_issuing.crt.

  15. Open Windows File Explorer on the machine hosting the IDERA Dashboard services. Navigate to the directory following directory C:\Program Files\Idera\Dashboard\WebApplication\conf.
  16. Rename the file keystore to keystore.old.
  17. Then rename the file C:\Users\<your username>\keystore.ImportKey to C:\Program Files\Idera\Dashboard\WebApplication\conf\keystore., and move that file into “C:\Program Files\Idera\Dashboard\WebApplication\conf”.
  18. Finally, restart Restart the IDERA Dashboard Web Application service to complete the setup, and log into the IDERA Dashboard to verify that the certificate has been successfully applied.


keytool Options

  • alias. All keystore entries are accessed via unique aliases. Aliases are case-insensitive. An alias is specified when you add an entity to the keystore using the -import command. Subsequent keytool commands must use this same alias to refer to the entity.
  • file. Define absolute or relative path to your certificate file. If you define only file name, it means, that the file is located in the root directory.
  • keystore. Each keytool command has a -keystore option for specifying the name and location of the persistent keystore file for the keystore managed by keytool. A keystore is created when you use -import command to add data to a keystore that does not already exist. If you do not specify a -keystore option, the default keystore is a file named .keystore in your home directory (as determined by the "user.home" system property). If that file does not already exist, it will be created.

...