OneData 10.7 | Managing Master Data with webMethods OneData | Administering webMethods OneData | Configuring SSL in OneData | Creating a Keystore Having a Self-Signed Certificate
 
Creating a Keystore Having a Self-Signed Certificate
To configure SSL, OneData must have an associated certificate for each external interface (IP address) that accepts secure connections.
OneData has a default self-signed certificate associated with it. You can view it through the URL https://<HOST_NAME>:9093/onedata. Software AG recommends that you use a newly created self-signed certificate or obtain a certificate from a Certification Authority as described in Configuring SSL in OneData Using a Signed Certificate. Before using either of these certificates, you must first create a keystore.
The following task enables you to create a keystore containing a self-signed certificate. You must perform these steps even if you are obtaining a self-signed certificate.
*To create a keystore having a self-signed certificate
1. Open the keytool command prompt.
2. Execute the following command to create a new keystore for a single self-signed certificate.
<INSTALL_DIR>/jvm/jvm160/bin/ keytool -genkey -alias tomcat -keyalg  RSA -keystore <INSTALL_DIR>/profiles/ODE/configuration/tomcat/conf/.odkeystore
3. Enter the keystore password. The default Tomcat password is changeit .
Note:
You can use a custom keystore password, but you must specify the custom password in the server.xml configuration file, as described in the previous step.
4. Provide the general information about the self-signed certificate, such as the company and contact name.
A secure page in OneData displays this information to the user.
5. Enter the private key password that is specific for this self-signed certificate.
Important:
Your private key password and keystore password must be the same.
Tip:
The keytool prompt indicates that pressing the ENTER key does this for you automatically.
Now OneData has a keystore file with a self-signed certificate. To enable HTTP over SSL in OneData, follow the steps in Enabling HTTPS in OneData .