...
Generate self-signed cert:
Code Block | ||
---|---|---|
| ||
set JAVA_HOME=C:\Program Files\Java\jre1.8.0_141Unimus\jre8 set KEYTOOL=%JAVA_HOME%\bin\keytool cd "C:\Program Files\Unimus" "%KEYTOOL%" -genkey -alias unimus -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore unimus.keystore.p12 -validity 3650 |
...
During the cert generation, you will be asked for the keystore password.
Input the password you with wish to use (the keystore will be generated with such password) - you will need it in the next step.
...
Inside of this configuration file, please add the following lines:
Code Block | ||
---|---|---|
| ||
-Dserver.ssl.key-store=/opt/unimus/unimus"C:\\Program Files\\Unimus\\unimus.keystore.p12" -Dserver.ssl.keyStoreType=PKCS12 -Dserver.ssl.keyAlias=unimus -Dserver.ssl.key-store-password=[insert password here] |
...
Generate self-signed cert:
Code Block | ||
---|---|---|
| ||
JAVA_HOME=/usr/lib/jvm/java-8-oracle/jre/11-openjdk-amd64 KEYTOOL=$JAVA_HOME/bin/keytool cd /opt/unimus $KEYTOOL -genkey -alias unimus -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore unimus.keystore.p12 -validity 3650 |
...
Edit '/etc/default/unimus', and add the following commands:
Code Block | ||
---|---|---|
| ||
-Dserver.ssl.key-store=/opt/unimus/unimus.keystore.p12 -Dserver.ssl.keyStoreType=PKCS12 -Dserver.ssl.keyAlias=unimus -Dserver.ssl.key-store-password=[insert password here] |
...
Restart the Unimus service, and it should be available only over HTTPS.
Notes and tips
Important note: please be careful if the keystore password contains the # character.
# is used as a comment, so a password containing it will not be fully read from the configuration.
You can enclose the password in " (double quotes) if you wish to use # as a part of the password.