Product: TIBCO Spotfire®
How to setup TIBCO Spotfire Advanced Data Services (ADS) to use an existing or a self-signed certificate.
In TIBCO Spotfire Advanced Data Services, HTTPS is enabled by default and it uses a Java keystore file with a 1024-bit RSA key and a certificate signed by Cisco. This KB article will show the steps needed to use a self-signed certificate or an already existing certificate.
If you already have a certificate you would like to use, then you can skip step 1 and 2 and import the certificate using step 3 and 4.
- This article assumes you have installed TIBCO Spotfire Advanced Data Services(ADS) into the default installation path "C:\Program Files\Composite Software\CIS x.x.x\" .
- Replace SERVERNAME with the FQDN (Fully Qualified domain name) of the server.
- Replace PASSWORD with what ever password you would like to use. -keypass and -storepass must be the same.
- The -alias needs to be cis_server_strong otherwise you will need to make changes to the configuration via the Studio.
- The default password for the existing certificate stores are changeit.
1). Create your own self signed certificate using keytool.
keytool -genkeypair -alias cis_server_strong -keyalg RSA -keysize 2048 -dname "CN=SERVERNAME" -keypass PASSWORD -storepass PASSWORD -keystore "C:\Program Files\Composite Software\CIS 6.2.0\conf\server\security\custom_cert.jks"
2). Export certificate to a format that can be imported into Windows.
keytool -export -alias cis_server_strong -storepass PASSWORD -file "C:\Program Files\Composite Software\CIS 6.2.0\conf\server\security\server.cer" -keystore "C:\Program Files\Composite Software\CIS 6.2.0\conf\server\security\custom_cert.jks"
3). Import the certificate into Studio trust store. This is needed in order to be able to use https with Studio.
keytool -import -v -trustcacerts -alias cis_server_strong -file "C:\Program Files\Composite Software\CIS 6.2.0\conf\server\security\server.cer" -keystore "C:\Program Files\Composite Software\CIS 6.2.0\conf\studio\security\cis_studio_truststore_strong.jks" -storepass changeit
4). Import the certificate into Server trust store. This is needed for the Web admin interface to work.
keytool -import -v -trustcacerts -alias cis_server_strong -file "C:\Program Files\Composite Software\CIS 6.2.0\conf\server\security\server.cer" -keystore "C:\Program Files\Composite Software\CIS 6.2.0\conf\server\security\cis_server_truststore_strong.jks" -storepass changeit
Comments
0 comments
Article is closed for comments.