Tuesday, February 13, 2018

WFA - Replace the SSL Certificate

In WFA you probably use https, and if you are a good sysadmin, you replace the SSL certificate.

I took me quite some time to replace my certificate with my "wildcard certificate" I use in my lab-environment.

Here is how I did it.






First : make sure you have your certificate with private key in pkcs12 format (password protected) Typically this is a "pfx" extension.  
You can do this with openssl : openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
GotoC:\Program Files\NetApp\WFA\jboss\standalone\configuration\keystore\

Delete wfa.keystore

Goto  C:\Program Files\NetApp\WFA\Jre\bin

With keytool, list your private key file "p12" or "pks" or something (pwd protected)
  
Keytool -list -keystore "your private key file" -storetype pkcs12

Write down the alias of your private key

Then convert your private key file to the store file

keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore "C:\Program Files\NetApp\WFA\jboss\standalone\configuration\keystore\wfa.keystore" -srckeystore "yourprivfile.pfx" -srcstoretype PKCS12 -srcstorepass Netapp12 -alias le-0417495c-537c-4d1c-b46f-0cffc7da4c07

changeit = is the default password of wfa store.  

Netapp12 = is my example password of my private key file

That's it.

No comments :

Post a Comment