Red Hat Training

A Red Hat training course is available for Red Hat Gluster Storage

Appendix D. Java Keystores

This appendix demonstrates how to import the X.509 certificate exported from the Red Hat Storage Console server (See Section 2.1, “TLS/SSL Certification” for information on certificate exports) into a new Java keystore file.

Procedure D.1. Import a certificate into a new Java keystore

This process helps a user import the rhsc.cer certificate from Section 2.1, “TLS/SSL Certification” into a Java keystore. This procedure requires the keytool management utility from the Java Development Kit (JDK) available for Linux and Windows systems.
  1. Access your client machine and locate the rhsc.cer certificate.
  2. Import the rhsc.cer certificate using the Java keytool management utility. 
    keytool -importcert -v -trustcacerts -keystore restapi.jks -noprompt -alias rhsc -file rhsc.cer
    The keytool utility creates a new keystore file named restapi.jks.
  3. keytool asks for the keystore password. Enter a password and keytool asks to verify it.
  4. keytool adds the rhsc.cer certificate to the restapi.jks keystore. Use keytool -list command to view the certificate's entry in the keystore: 
    keytool -list -keystore restapi.jks -storepass [password]

Important

Some versions of keytool parse the certificate incorrectly. If keytool does not recognize the certificate, convert it to a different X.509 format with the openssl tool: 
openssl x509 -in rhsc.cer -out rhsc.new -outform [pem|der]
This creates a file called rhsc.new to use in place of rhsc.cer.
22632%2C+Console+Developer+Guide-322-09-2014+17%3A11%3A35Report a bug