Note that install_dir is the software installation directory and java_install_dir is the JDK installation directory.
Step 2: Generate an RSA Key Use the rsakey utility to generate an RSA key. By default, the key is output in password-protected PKCS5-encoded PKCS8 format to the file enc-server-key.der.
The rsakey utility prompts you for a password phrase. Make sure that you remember your password. You will need it when you start the Web Integrator Server. If you forget your password, you will need to generate a new certificate.
Note: The rsakey utility may take more than a minute to generate a key, even if you are using a JIT compiler.
The rsakey utility is described as follows:
Syntax java rsakey [params]
Parameters -f key file Specifies the name of the file to which the key is output. Default: enc-server-key.der
-c Indicates that you want to output the key file in PKCS1 format, which is not password-protected.
If you use this parameter, the key is output to the file server-key.der, which is a DER-encoded (Distinguished Encoding Rules encoded) binary file.
If you use this parameter and do not password-protect your key file, make sure that you store your key in a file that is accessible only to the Web Integrator Server administrator.
-e publicExp The public exponent. Default: 65537
-n bits The key length in bits. Default: 512
-d Indicates that you want to display the key.
-help Displays the parameters and their descriptions.
Example % java rsakey generate p generate q Enter password phrase: Test Server
Note: Make sure that you remember the password and that you save the output key file enc-server-key.der. NOTE: Please backup your private key and write the password down in a safe place. Your certificate will not work without this private key.
Step 3: Build a Certification Request Parameters -k key file The key file name. Default: enc-server-key.der
-d Indicates that you want to output the Certificate Submission Request (CSR) in DER format.
If you do not use this parameter, the CSR is output in BASE64-encoded Privacy Enhanced Mail (PEM) format to the file server-csr.pem.
-o csr file Specifies the name of the file to which the CSR is output. Default: server-csr.pem
-help Displays the parameters and their descriptions.
Example % java csr Enter password to enc-server-key.der: Test Server Enter Country name [US]: Enter State name: Massachusetts Enter Locality name: Westborough Enter Organization name: CNT Enter Organization Unit name [Brixton Web Integrator]: Enter Common name (e.g., host.cnt.com): bass.cnt.com Enter E-mail Address: tech_support@cnt.com Done. Your Certification Request is in server-csr.pem