Initializing help system before first use

Create the SSL Certificate KeyStore

This topic explains how to create a KeyStore containing your existing SSL certificate and private key. The certificate within the KeyStore is used to encrypt the SSL connection.

To create the Server KeyStore

  1. Ensure that your files for the SSL certificate certificate.pem and private key privatekey.pem are saved in the OS-dependent <SERVER_CONFIG_DIR> folder. For more on <SERVER_CONFIG_DIR>, see Important Note about this Guide.
  2. Convert the PEM files into a temporary PKCS12 KeyStore file. You will be prompted to supply a password for this new KeyStore. 
    openssl pkcs12 -export -name insight-server-https -in certificate.pem -inkey privatekey.pem -out temp-keystore.p12
  3. Convert the PKCS12 KeyStore file into a Java KeyStore file. You will be prompted to enter the password entered in the previous step, and to provide a password for the destination Java KeyStore. 
    keytool -importkeystore -destkeystore insight-keystore -srckeystore temp-keystore.p12 -srcstoretype pkcs12 -alias insight-server-https
  4. Remove the temporary PKCS12 KeyStore file temp-keystore.p12.
  5. Remove the SSL certificate certificate.pem and private key privatekey.pem, ensuring you retain a copy in a secure location for future reference.

To create the Worker KeyStore

Repeat these steps on each installed Insight Worker.
  1. Ensure that your files for the SSL certificate certificate.pem and private key privatekey.pem are saved in the appropriate OS-dependent <WORKER_CONFIG_DIR> folder. For more on <WORKER_CONFIG_DIR>, see Important Note about this Guide.
  2. Convert the PEM files into a temporary PKCS12 KeyStore file. You will be prompted to supply a password for this new KeyStore. 
    openssl pkcs12 -export -name insight-worker-https -in certificate.pem -inkey privatekey.pem -out temp-keystore.p12
  3. Convert the PKCS12 KeyStore file into a Java KeyStore file. You will be prompted to enter the password entered in the previous step, and to provide a password for the destination Java KeyStore. 
    keytool -importkeystore -destkeystore insight-keystore -srckeystore temp-keystore.p12 -srcstoretype pkcs12 -alias insight-worker-https
  4. Remove the temporary PKCS12 KeyStore file temp-keystore.p12.
  5. Remove the SSL certificate certificate.pem and private key privatekey.pem, ensuring you retain a copy in a secure location for future reference.
Parent Topic Enabling HTTPS with Xpress Insight 5 Server