Initializing help system before first use

Create a Self-Signed KeyStore

This topic explains how to generate a KeyStore containing a new self-signed SSL certificate and private key. Self-signed certificates can be useful for evaluation environments, however they are not as secure as certificates signed by a public authority. The Insight 5 Server and each worker should have its own certificate.
Perform this process for the server and each worker.

Create a Server KeyStore with a Self-Signed Certificate

To create a self-signed X.509 SSL certificate and its key for the Insight 5 Server and add it to a KeyStore, perform the following steps:
  1. Open a Command Prompt and navigate to the OS-dependent <SERVER_CONFIG_DIR>.
  2. Enter the following command. 
    keytool -genkey -v -keystore insight-keystore 
-keyalg RSA -keysize 2048 -validity 10000 -alias insight-server-https 
-dname "cn=<server-hostname>, ou=Unknown, o=Unknown, c=Unknown"
  3. Provide and confirm a KeyStore password.
A new file named insight-keystore is created. Next, perform the steps detailed in Insight Server SSL Configuration.

Create a Worker KeyStore with a Self-Signed Certificate

To create a KeyStore containing a X.509 SSL certificate and its key for the Insight 5 Worker and add it to a KeyStore, perform the following steps:

  1. Open a Command Prompt and navigate to the OS-dependent <WORKER_CONFIG_DIR>.
  2. Enter the following command, then respond to each of the prompts. 
    keytool -genkey -v -keystore insight-keystore 
-keyalg RSA -keysize 2048 -validity 10000 -alias insight-worker-https 
-dname "cn=<worker-hostname>, ou=Unknown, o=Unknown, c=Unknown"
  3. Provide and confirm a KeyStore password.
A new file named insight-keystore is created. Next, perform the steps detailed in Insight Server SSL Configuration.
Parent Topic Enabling HTTPS with Xpress Insight 5 Server