A digital certificate (also called a public key certificate) is an electronic document that is used to verify identity in electronic communication. A digital certificate is issued by a Certificate Authority (CA). You obtain a digital certificate from one of the following sources:
An internal CA enables you to issue and use your own digital certificates. Windows Server 2003/2008/2012 has a built-in CA that you can install and use. For information about how to use the Windows Server CA, see the Microsoft support website.
A TTP (trusted third-party) is a CA that issues a digital certificate for a commercial fee. The certificate is signed with a private key and the corresponding public key is widely distributed.
A self-signed certificate is a certificate that is signed using the private key of the issuer of the certificate. That is, the certificate is signed by the same entity whose identity it certifies.
Note: Trusting the issuer of a self-signed certificate is problematic. In a production environment, we recommend that you use a certificate issued by a trusted Certificate Authority. For testing in a non-production environment, a self-signed certificate is acceptable.
Example: Create a Self-Signed Certificate
To enable SSL encryption in your CA GovernanceMinder portal, create a self-signed certificate.
Follow these steps:
keytool -genkey -alias name -keyalg RSA -keystore server.keystore
Defines the alias to use for adding an entry to the keystore.
Specifies the algorithm to use to generate the key pair.
The keytool utility starts.
gm_directory\eurekify-jboss\server\eurekify\conf
A server.keystore file is created and placed in the specified folder.
|
Copyright © 2014 CA.
All rights reserved.
|
|