Consumers

Sepasoft MES Module Suite

Consumers

On this page:


In this section:


SSL Authentication

Enable SSL client authentication

If this is checked, SSL client authentication will be enabled. For additional information on SSL client authentication, see Oracle’s documentation: client authentication.

    • Keystore file path
      The path of a keystore file in Java KeyStore (JKS) format.
    • Keystore password
      The password of the keystore.

Use default truststore

If this is checked, the default truststore will be used to authenticate the server's certificate. The default truststore is the standard truststore 'cacerts' located in the <java-home>\lib\security\ directory.

    • Truststore file path
      The path of a truststore file in Java KeyStore (JKS) format.
    • Truststore password
      The password of the truststore.

Converting Private Keys to Java KeyStore

If you have private key files (.key) and certificate files (.crt, .cer, .der, .p12, .p7b, .pem, .pfx, etc.) other than a Java KeyStore file (.jks), you can convert them into a Java KeyStore file (.jks) using the openssl and the keytool.

  • Convert x509 Cert and Key to a pkcs12 file
openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -name [some-alias] -CAfile ca.crt -caname root
Note

Make sure you put a password on the p12 file, otherwise you'll get a null reference exception when you try to import it.

You might want to add the -chain option to preserve the full certificate chain.
  • Convert the pkcs12 file to a java keystore

keytool -importkeystore -deststorepass [changeit] -destkeypass [changeit] -destkeystore server.keystore -srckeystore server.p12 -srcstoretype PKCS12 -srcstorepass some-password -alias [some-alias]


Sepasoft MES Module Suite