...
- Install A-Stack Configurator Daemon
- Unzip the A-Stack Configurator Zip fie.
- Start the configurator using the TQL CLI Command.
- Please note that if you are starting multiple instances of A-Stack on same host; specify the Path parameter to the -engine command.
- Default SSL Certificate
- Testing if the Deamon is running
- Steps to generate SSL Certificate
#Steps to Create SSL Certificate
Update openssl.cnf file for SAN update -
1. Update openssl.cnf file located at /etc/pki/tls/openssl.cnf to add below configuration lines
These lines need to update in v3_req sectionsubjectAltName = @alt_names
alt_names
DNS.1 = localhost
DNS.2 = <Hostname>
IP.1 = <IP address>Execute below openssl commands to create and import ssl certificate -
1. openssl genrsa -des3 -out server.key 1024 -extensions v3_req -extfile /etc/pki/tls/openssl.cnf
2. openssl req -new -key server.key -out server.cer -extensions v3_req
3. cp server.key server.key.org
4. openssl rsa -in server.key.org -out server.key
5. openssl x509 -req -days 365 -in server.cer -signkey server.key -out server.crt -extensions v3_req -extfile /etc/pki/tls/openssl.cnf
6. openssl pkcs12 -export -in server.crt -inkey server.key -out serverKeystore.p12
7. export PATH=$PATH:/opt/jdk1.8.0_144/jre/bin – Find path till java keytool lib directory and pass it to export command
8. keytool -importkeystore -deststorepass test123 -destkeystore server.jks -srckeystore serverKeystore.p12 -srcstoretype PKCS12
Replace certificate in $TQL_HOME/sslcertificates folder; where $TQL_HOME is the directory where A-Stack Configurator Daemon is installed.
If certificate file name is different from server.jks then update its name in sff.local.config.xml file
Creating a Gold Copy of A-Stack Configurator
...