5.3.4 Registering a root certificate
To encrypt communication with the linked mail server through SSL (SMTPS/STARTTLS) in mail server linkage while using the delivery notification function, you need to register a root certificate of the Certificate Authority. The root certificate of the Certificate Authority that signed the certificate for SMTPS/STARTTLS communication that is registered in the linked mail server must be registered in the Java keystore contained in the JP1/DH Web application server. In the same way, to encrypt communication with the directory server through SSL (LDAPS) in authentication using the directory server when a user logs in to this product, you need to register a root certificate of the Certification Authority. The root certificate of the Certification Authority that signed the certificate for LDAPS communication that is registered in the linked directory server must be registered in the Java keystore contained in the JP1/DH Web application server.
Use either of the commands below to register the root certificate. For the certificate alias, you can specify any root certificate name.
-
In Windows
installation-folder\uCPSB\jdk\jre\bin\keytool -import -alias certificate-alias -file path-to-the-root-certificate-file -keystore installation-folder\uCPSB\jdk\jre\lib\security\cacerts -storepass changeit
-
In Linux
/opt/jp1dh/server/uCPSB/jdk/jre/bin/keytool -import -alias certificate-alias -file path-to-the-root-certificate-file -keystore /opt/jp1dh/server/uCPSB/jdk/jre/lib/security/cacerts -storepass changeit