This tutorial will demonstrate how to install/configure the chain in KeyStore. We assumed that all the needed certificate files are downloaded already on your computer.
Introduction #
Users can use a certificate provided by a Certifying Authority (CA) or a self-signed certificate for secure communication between the management server and the agent.
SKYVVA uses standard HTTPS to communicate securely over the Internet. SKYVVA applications that are installed locally – including Private Agents – include a trusted Keystore containing all of the certificates that are needed to communicate securely.
Users may need to add a new certificate to the SKYVVA Java Keystore if, for example, you are using a proxy server and need to allow the SKYVVA local client to communicate securely through the proxy server.
This page contains generic instructions for manually adding certificates to the Jitterbit Java Keystore.
Java KeyStore (JKS) #
Users must be in Administrator mode in order to run Java Keytool commands. Any of the Java Keytool commands presented in this document may be used by substituting the home directory for the product you are working with:
Install Certificate Chain in KeyStore #
1. file.ca-bundle :
2. file.crt:
Only two files are enough to install the certificate:
-
- Edit file.ca-bundle and file.crt.
- Let copy all text from file.ca-bundle and paste under the text of file.crt
- Save file.crt
openssl pkcs12 -export -in skyvva-agent.skyvva.com.crt -inkey skyvva-agent.skyvva.com.key.txt -certfile skyvva-agent.skyvva.com.crt -name "skyvva-agent.skyvva.com" -out skyvva-agent.skyvva.com.p12
keytool -importkeystore -deststorepass password -destkeystore skyvva-agent.skyvva.com.jks -srckeystore skyvva-agent.skyvva.com.p12 -srcstoretype PKCS12
4. After upload the JKS file running in java based web service with https and you can check your domain bellow:
Follow link: https://www.digicert.com/help/ Check Server Address
Create new Linux ec2 instance #
This is an example to create a new ec2-instance with Linux which is similar to the existing agent-test ec2-instance. The agent-test ec2-instance is now used to run the Agent. The new ec2-instance is called ‘agent-app‘ where we will install all applications we need for testing like database, FTP, Kafka, pulsar, etc..
The user name is ‘ec2-user’. The password is not clear at the moment. Probably we need to set a new password. We can connect to the shell using a browser like with the agent-test instance. Probably the password is the same.
Select the machine image
Choose the instance type
Network setup
Define the storage
Give a name
Security Group
Review the summary
Keys file
The file agent-app.pem is the private key that we have downloaded.
Increase the hard disc
After launching the instance it is not showing the 30GB hard disc. Instead, it shows only 8 GB. Therefore I have defined again. Click on the button ‘Create Image’ after a name for example ‘root’ is given.
Now after changing again we see 30GB of space.
Summary #
Now user learned about How to install/configure the chain in KeyStore and Creating a CA-Signed certificate for Agent Service (https).