If you with to connect to Unimus using HTTPS with a self-signed cert, you can use these instructions.
On Linux
Generate self-signed cert:
Code Block |
---|
JAVA_HOME=/usr/lib/jvm/java-8-oracle/jre/
KEYTOOL=$JAVA_HOME/bin/keytool
cd /opt/unimus
$KEYTOOL -genkey -alias Unimus -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore unimus.keystore -validity 3650 |
Change JAVA_HOME to properly reflect the path to your JRE.
The default value will work for Oracle JRE, but for OpenJDK JRE it will be different.
During the cert generation, you will be asked for the keystore password.
Input the password you with to use (the keystore will be generated with such password) - you will need it in the next step.
After the cert was generated, you will need to configure Unimus to use it.
Edit '/etc/default/unimus', and add the following commands:
Code Block |
---|
-Dserver.ssl.key-store=unimus.keystore -Dserver.ssl.key-store-password=[insert password here] -Dserver.ssl.keyStoreType=PKCS12 -Dserver.ssl.keyAlias=Unimus |
Replace '[insert password here]' with the password you used for keystore creation.
Restart the Unimus service, and it should be available over HTTPS.
On Windows
Generate self-signed cert:
Code Block |
---|
set JAVA_HOME=C:\Program Files\Java\jre1.8.0_141
set KEYTOOL=%JAVA_HOME%\bin\keytool
cd "C:\Program Files\Unimus"
"%KEYTOOL%" -genkey -alias Unimus -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore unimus.keystore -validity 3650 |
Change JAVA_HOME to properly reflect the path to your JRE.
The default value will work for Oracle JRE, but for OpenJDK JRE it will be different.
During the cert generation, you will be asked for the keystore password.
Input the password you with to use (the keystore will be generated with such password) - you will need it in the next step.
After the cert was generated, you will need to configure Unimus to use it.
Edit 'C:\Program Files\Unimus\Unimus.l4j.ini', and add the following commands, one per line:
Code Block |
---|
-Dserver.ssl.key-store=unimus.keystore
-Dserver.ssl.key-store-password=[insert password here]
-Dserver.ssl.keyStoreType=PKCS12
-Dserver.ssl.keyAlias=Unimus |
Replace '[insert password here]' with the password you used for keystore creation.
Restart the Unimus service, and it should be available over HTTPS.