https://support.eset.com/kb5695
Click here for instructions on using an already signed key.
- Run the following command:
sudo keytool -genkey -alias tomcat -keyalg RSA -keystore/etc/ssl/certs/java/era_web_console.keystore -storepass password -validity 3650 -keysize 4096
- Open the file
sudo nano /var/lib/tomcat7/conf/server.xml.
- Search or scroll until you find
<Connector port="8443">
and edit the area for connector port as follows:<Connector port="8443" protocol="HTTP/1.1"
SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
keystoreFile="/etc/ssl/certs/java/era_web_console.keystore"keystorePass="password"
keyAlias="tomcat"
clientAuth="false"
sslProtocol="TLS"
/>
Use an already signed key
- Purchase a key file from one of the certifying authorities for your ESET Remote Administrator (ERA) address.
- Copy this key to your Ubuntu server, preferably as a .pfx file.
- Determine the alias of the key file by running the following command:
keytool –list –storetype pkcs12 –keystore keyfilename.pfx –v | grep Alias
- Convert the .pfx file to .jks using the following command:
keytool –importkeystore –srckeystore keyfilename.pfx –srcstoretype pkcs12 –destkeystore keyfilename.jks –deststoretype jks
- Edit the configuration file to use the new .jks file, using the following command:
sudo nano /var/lib/tomcat7/conf/server.xml
Find the section that says<Connector port="8443">
and edit the section to look like this:<Connector port="8443"
protocol="HTTP/1.1"
SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
keystoreFile="location of the newly created .jks file, for example /home/user/keyfilename.pfx"
keystorePass="password"
keyAlias="use the alias you determined in the previous step"
clientAuth="false"
sslProtocol="TLS"
/> - Restart Tomcat using the following command:
sudo service tomcat7 restart
Add a comment
Please log in or register to submit a comment.