Page History
...
- The following explanations assume CA-signed certificates or self-signed certificates to be used.
- CA-signed certificates are provided from known and trusted Certificate Authorities (CA) that validates validate the domain owner.
- Self-signed certificates are created by users who operate their own CA, see the JS7 - How to create self-signed Certificates.
- Use of Intermediate CA certificates Certificates is optional.
- Certificate stores can be managed from the command line and by use of tools that provide a GUI for this purpose:
- the Java Keytool is available from the Java JRE or JDK,
- the Keystore Explorer is an open source utility to graphically manage certificate stores.
- Starting from Java 9 the PKCS12 keystore type is default and is not required to be specified with
keytool. - The following sections assume a PKCS12 keystore/truststore format. For Unix OS the .p12 file extension frequently is used, for Windows OS the .pfx extension is preferably used. Both file extensions indicate the same PKCS12 format and can be used interchangeably.
- The following explanations assume JOC Cockpit starting from release 2.5 to be used. This release introduces Jetty 11. Earlier releases of JOC Cockpit ship with Jetty 9 and make use of a single configuration file
JETTY_BASE/start.iniinstead of separate configuration files JETTY_BASE/start.d/http.ini,JETTY_BASE/start.d/https.ini,JETTY_BASE/start.d/ssl.ini.
...
Overview
Content Tools