...
cams-app-cert.p12 now contains the certificate in PKCS12 format. To import it into a keystore, obtain a copy of the ISDA PKCS12Import.jar utility, and invoke it as follows (adjust the JAVA_HOME environment setting as needed):
| No Format |
|---|
# setenv JAVA_HOME /usr/java/jdk1.5.0_13
# $JAVA_HOME/bin/java -jar PKCS12Import.jar cams-app-cert.p12 cams-app.jks PASSWORD
|
where PASSWORD is replaced by the actual password you supplied above. Install the resulting keystore file into /usr/local/cams/conf/ (create the directory if necessary). Ensure that it is owned and only readable by the tomcat user.
Next, we need to create a server trust store containing the MIT CA certificates. Begin by copying the standard Java CA certificate store from the Java distribution, e.g.:
| No Format |
|---|
# cp /usr/java/jdk1.5.0_13$JAVA_HOME/jre/lib/security/cacerts /usr/local/cams/conf/serverTrustStore.jks |
...