Hitachi

JP1 Version 12 JP1/Automatic Operation Configuration Guide 


1.8 Procedure to import SSL server certificates for https connections between JP1/AO and external Web servers into Common Component

To enable https connections between JP1/AO and external Web servers, an SSL server certificate must be installed in the truststore of the Common Component. To import the SSL server certificate into the truststore of the Common Component, you use the hcmds64keytool command (in Windows) or the keytool command (in Linux).

Tip

You do not need to perform this procedure if you do not intend to use a Web client plug-in to establish https connections. You can also perform this procedure after you start using JP1/AO.

Before you begin

Procedure to import SSL server certificate to truststore of Common Component

You can import an SSL server certificate into the truststore of the Common Component by executing a command. To import an SSL server certificate into the truststore of the Common Component:

  1. Execute the following command:

    In Windows:

    Common-Component-installation-folder\bin\hcmds64keytool -import -alias alias-name -file SSL-server-certificate-path -keystore truststore-file-path -storepass truststore-access-password

    In Linux 6, Linux 7, SUSE Linux 12:

    Common-Component-installation-folder/uCPSB/jdk/bin/keytool -import -alias alias-name -file SSL-server-certificate-path -keystore truststore-file-path -storepass truststore-access-password

    In Linux 8:

    Common-Component-installation-folder/uCPSB11/jdk/bin/keytool -import -alias alias-name -file SSL-server-certificate-path -keystore truststore-file-path -storepass truststore-access-password -storetype JKS

    Note

    Note the following points when you specify alias-name, truststore-file-path, and truststore-access-password by using the hcmds64keytool or keytool command:

    • For alias-name, specify the name used to identify the certificate within the truststore. If there are multiple SSL server certificates, specify an alias that is not already in use in the truststore.

    • The following symbols cannot be used in truststore-file-path:

      Colons (:), commas (,), semicolons (;), asterisks (*), question marks (?), double quotation marks ("), left and right angle brackets (< and>), vertical bars (|), and hyphens (-)

    • Specify truststore-file-path as a character string of 255 bytes or fewer.

    • Double quotation marks (") cannot be used in alias-name or truststore-access-password.

  2. Restart the JP1/AO server.