{"id":9988,"date":"2022-02-15T14:41:34","date_gmt":"2022-02-15T22:41:34","guid":{"rendered":"https:\/\/minisoft.com\/support\/?p=9988"},"modified":"2022-02-15T15:26:54","modified_gmt":"2022-02-15T23:26:54","slug":"applying-an-ssl-certificate-to-the-pack-station","status":"publish","type":"post","link":"https:\/\/alt2.minisoft.com\/support\/applying-an-ssl-certificate-to-the-pack-station\/","title":{"rendered":"Applying an SSL certificate to the Pack Station"},"content":{"rendered":"\n

To validate a Pack Station<\/a> certificate, the certificate has to match the domain name. This requires a certificate signing request (CSR<\/a>) made from a private key. A CSR can be generated with Java Keytool, Microsoft Management Console or using a reputable third-party’s own rules. The CSR is used to obtain an SSL certificate from a third-party, the certificate authority. The certificate authority should send three certificates: root certificate, intermediate certificate and main certificate. The PKCS12 files or JKS files must be added to the keystore on the Pack Station server and the eFORMz server. <\/p>\n\n\n\n

NOTE:<\/strong> eFORMz supports PKCS12 or JKS. The Pack Station currently only supports JKS. To convert PKCS12 to JKS, use the following command:<\/p>\n\n\n\n

keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.jks -deststoretype JKS<\/pre>\n\n\n\n
Create a directory for the keystore<\/h2>\n\n\n\n
Open a command prompt and type the following:<\/p>\n\n\n\n
mkdir sslcert<\/code><\/p>\n\n\n\n
Then cd to the newly created directory by typing the following command:<\/p>\n\n\n\n
cd sslcert<\/code><\/p>\n\n\n\n
\"\"<\/a><\/figure>\n\n\n\n
Create keystore<\/h2>\n\n\n\n
Use the following command to create a keystore:<\/p>\n\n\n\n
keytool -genkey -alias youralias -keyalg RSA -keystore yourkeystorename.jks -keysize 2048<\/pre>\n\n\n\n
You will be prompted to enter keystore password. The default password is changeit<\/code>. You will be asked the following questions:<\/p>\n\n\n\n
What is your first and last name?\n  [Unknown]:  sales.shipfx.cloud\nWhat is the name of your organizational unit?\n  [Unknown]:  IT\nWhat is the name of your organization?\n  [Unknown]:  Minisoft\nWhat is the name of your City or Locality?\n  [Unknown]:  Snohomish\nWhat is the name of your State or Province?\n  [Unknown]:  Washington\nWhat is the two-letter country code for this unit?\n  [Unknown]:  US<\/pre>\n\n\n\n
\"\"<\/a><\/figure>\n\n\n\n
To confirm accuracy, type y<\/code> or yes<\/code> and press enter. You will then be prompted to enter the key password. Press enter if you are using the default password.<\/p>\n\n\n\n
Generate a certificate signing request (CSR)<\/h2>\n\n\n\n
To generate a CSR, use the -certreq<\/code> command:<\/p>\n\n\n\n
keytool -certreq -alias youralias -file yourcsrname.csr -keystore yourkeystorename.jks<\/pre>\n\n\n\n
\"\"<\/a><\/figure>\n\n\n\n
Note:<\/strong> For general information on the creation of a CSR, consult the following post: Generate a CSR (certificate signing request) for an SSL certificate<\/a><\/p>\n\n\n\n
Download certificate files<\/h2>\n\n\n\n
Send the certificate request to your certificate authority (CA). The CA will send you the certificate files. Once you\u2019ve downloaded your certificate files, you\u2019ll need to import them into the keystore.<\/p>\n\n\n\n
Import root certificate to cacerts.jks and keystore.jks<\/h2>\n\n\n\n
keytool -import -trustcacerts -alias root -file (ROOT CERTIFICATE FILE NAME) -keystore domain.key<\/pre>\n\n\n\n
Import intermediate certificate to cacerts.jks and keystore.jks<\/h2>\n\n\n\n
keytool -import -trustcacerts -alias intermed -file (INTERMEDIATE CA FILE NAME) -keystore domain.key<\/pre>\n\n\n\n
Import entity (mydomain.com) certificate to keystore.jks<\/h2>\n\n\n\n
keytool -import -alias mydomain.com -keystore keystore.jks -trustcacerts -file mydomain.com.crt<\/pre>\n","protected":false},"excerpt":{"rendered":"
To validate a Pack Station certificate, the certificate has to match the domain name. This requires a certificate signing request (CSR) made from a private key. A CSR can be generated with Java Keytool, Microsoft Management Console or using a reputable third-party’s own rules. The CSR is used to obtain an SSL certificate from a […]<\/p>\n","protected":false},"author":75,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[581,77],"tags":[755,757,652,582],"_links":{"self":[{"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/posts\/9988"}],"collection":[{"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/users\/75"}],"replies":[{"embeddable":true,"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/comments?post=9988"}],"version-history":[{"count":4,"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/posts\/9988\/revisions"}],"predecessor-version":[{"id":10000,"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/posts\/9988\/revisions\/10000"}],"wp:attachment":[{"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/media?parent=9988"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/categories?post=9988"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/alt2.minisoft.com\/support\/wp-json\/wp\/v2\/tags?post=9988"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}