Doel: Een SSL-certificaat installeren in ADManager Plus
Oplossing: Stappen voor het toepassen van een SSL-certificaat in ADManager Plus
keytool -genkey -alias tomcat -keypass <your key password> -keyalg RSA -validity 1000 -keystore <domainName> .keystore
Replace <your key password> with a password of your choice. Replace the <domainName> with the name of your domain.
You will be prompted to answer the following questions:
Sr. No. | Question | Answer |
---|---|---|
1. | What is your first name and last name? | Enter the NetBIOS or FQDN of the server in which ADManager Plus is configured. |
2. | What is the name of your Organizational Unit? | Enter the name of the OU of your choice. |
3. | What is the name of your Organization? | Provide the legal name of your organization. |
4. | What is the name of your City or Locality? | Enter the City or Locality name as provided in your organization's registered address. |
5. | What is the name of your State or Province? | Enter the name of your State or Province as provided in your organization's registered address. |
6. | What is the two-letter country code for this unit? | Provide the two-letter code of the country your organization is located in. |
keytool -certreq -alias tomcat -keyalg RSA -ext SAN=dns:server_name,dns:server_name.domain.com,dns:server_name.domain1.com -keystore <domainName>.keystore -file <domainName>.csr
Replace the <domainName> with the name of your domain and provide the appropriate Subject Alternatives Names.
An internal CA is a member server or domain controller in a specific domain, that has been assigned the role of a CA.
Keytool
Replace the <keystore_name> with the name of your keystore.
keytool -import -alias <internal CA_name> -keystore ..\lib\security\cacerts -file certnew.cer
Note: Open the '.cer' file to get the name of your internal CA. When prompted, provide 'changeit' as the keystore password.
keytool -import -trustcacerts -alias tomcat -file <certificate-name.p7b> -keystore <keystore-name.keystore>
Note: If you use an external CA which is not in the aforementioned list, please contact your CA for the required commands.
Meer hulp nodig? Vul dit formulier in en wij nemen meteen contact met u op.