Apache Tomcat (keytool)
- Create a new keystore:
keytool -genuine-select 2048 keykey RSA alias ALIAS keykey KEYSTORENAVN
Use the same password on keystore and the key itself.
- Verify keystore:
keytool -list -keystore keystore Here you just expect it to be an entry; PrivateKeyEntry.
- Create CSR:
keytool -certreq-alias ALIAS -key sale RSA-file CERTFIL.csr -keystore KEYSTORENAVN ‘
- CSR is provided to us and you receive a zip file with diverted crt / cer files. If you select IIS as the server type during ordering, you get a ready-made p7b file that makes installation a little faster. It is possible to change file extension from .cer to .p7b. The p7b file contains the certificate as well as the intermediate and root certificates.
- Import p7b into keystore:
keytool -import-alias ALIAS -trustcacerts -files FILEN_SOM_DU_FÅR_AV_OSS.p7b -keystore KEYSTORE
- Move the keystore file (jks) into \ Jenkins \ secrets (this is certainly not necessary as it can be specified in config, but appears to be own read / write privileges for this folder which is a small advantage).
- in jenkins.xml:
Verify that -httpsKeyStore = »% BASE% \ secrets \ KEYSTORE» -httpsKeyStorePassword = KEYSTORE_PASSWORD