To administer SSL certificates, the Keystore Configuration portlet is available by selecting Keystore on the Console Navigation menu on the left-hand side. From this portlet you can either import an existing certificate or create a new certificate request.

The certificates in Geronimo are stored in a keystore located in <geronimo_home>\var\security\ssl-keystore-1. This SSL keystore file does not exist until you create the first private key.

If you already have a certificate you can click on import trusted certificate.

Specify the location of the certificate file and click View Certificate. The certificate information will be displayed, and you may add an alias to identify this certificate. When done, click on Import to add that certificate to the keystore. You should now see that the keystore size has increased.

To generate a key click on generate key pair. In the following screen enter the relevant information and click on Submit. For this example we entered the following values:

Alias: geronimo serverGeronimo Server
Key Algorithm: RSA
Key Size: 1024
Signature Algorithm: MD5withRSA
Validity: 2000
Common Name (CN): Geronimo 127.0.0.1
Organizational Unit (OU): ApacheGeronimo
Organizational Name (O): orgApache
Locality (L): Locality
State (ST): State
Country (C): Country

You should now see that the keystore size has increased to 1 and the private key you just created is listed near the bottom of the Keystore Configuration portlet. Click on view next to the private key you created. You should see the details of this key pair and the options to generate a certificate request and to import a certificate reply from a certification authority (CA).

To generate a certificate request to send to a CA, click on generate CSR, copy the generated content and send it to the CA (you would normally receive instructions from the CA on how to send this CSR).

The reply from the CA will likely be a certificate file. To add this certificate to the keystore, follow the steps to import a trusted certificate.
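The sample values used above (a 1024-bit RSA key signed with MD5withRSA) are weaker than current guidance accepts, so a keystore built from them is worth auditing. The shell function below is an added example, not part of the Geronimo documentation: it scans the text printed by `keytool -list -v` and reports entries with those settings. The function name, the 2048-bit threshold and the sample listing are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example (not from the Geronimo documentation).
# Reads `keytool -list -v` output on stdin and prints one line per finding:
#   <alias><TAB><finding>
# Assumption: RSA keys below 2048 bits and MD2/MD5/SHA1 signatures are "weak".
audit_keytool_listing() {
    awk '
        /^Alias name: / { alias = substr($0, 13) }
        /^Signature algorithm name: / {
            alg = substr($0, 27)
            if (alg ~ /^(MD2|MD5|SHA1)with/)
                printf "%s\tweak signature algorithm %s\n", alias, alg
        }
        /^Subject Public Key Algorithm: / {
            # Line looks like: "Subject Public Key Algorithm: 1024-bit RSA key"
            bits = $5
            sub(/-bit$/, "", bits)
            if ($6 == "RSA" && bits + 0 < 2048)
                printf "%s\tRSA key of %d bits (below 2048)\n", alias, bits
        }
    '
}

# Constructed sample modeled on `keytool -list -v` output; the aliases are
# made up. The first entry uses the key size and signature algorithm from
# the example values on this page.
SAMPLE_LISTING='Alias name: example-weak
Entry type: PrivateKeyEntry
Signature algorithm name: MD5withRSA
Subject Public Key Algorithm: 1024-bit RSA key

Alias name: example-strong
Entry type: PrivateKeyEntry
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key'

# Stand-alone demonstration on the constructed sample. Against a real
# keystore, pipe keytool into the function instead, for example:
#   keytool -list -v -keystore <path-to-keystore> | audit_keytool_listing
printf '%s\n' "$SAMPLE_LISTING" | audit_keytool_listing
```

Older JDKs do not print the "Subject Public Key Algorithm" line, in which case only the signature algorithm check produces findings.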
