File Names for Certificates and Keys
For all parameters that specify the identity (digital certificate), private key, issuer (certificate chain), or trusted list of certificate authorities, valid files must be specified. Not all types of files are supported for clients and servers. The description of each parameter details which formats it supports.
The following table lists the valid types of files.
Extension | Description |
---|---|
.pem | PEM encoded certificates and keys (allows the certificate and private key to be stored together in the same file) |
.der | DER encoded certificates |
.p8 | PKCS#8 file |
.p7b | PKCS#7 file |
.p12 | PKCS12 file (allows the certificate and private key to be stored together in the same file) |
.jks | Java KeyStore file |
Certificates are located in the EMS_HOME/samples/certs directory. EMS is installed with some sample certificates and private keys that are used by the sample configuration files.
The sample certificates include:
- A root, self-signed certificate and corresponding private keys in encrypted PEM and PKCS8 formats:
server_root.cert.pem server_root.key.pem server_root.key.p8
- A server certificate and corresponding private keys in encrypted PEM and PKCS8 formats. This certificate is issued by
server_root.cert.pem and is used by the server:
server.cert.pem server.key.pem server.key.p8
- A root, self-signed certificate and corresponding private key in encrypted PEM and PKCS8 formats.
client_root.cert.pem client_root.key.pem client_root.key.p8
- A client certificate and corresponding private key in encrypted PEM and PKCS8 formats. This certificate is issued by
client_root.cert.pem and is used by the clients:
client.cert.pem client.key.pem client.key.p8
- A PKCS12 file that includes the
client.cert.pem client certificate, the
client.key.pem client private key, and the
client_root.cert.pem issuer certificate:
client_identity.p12
- An identity file to be used with the
--https-identity command line option for Central Administration, along with the corresponding self-signed root certificate to be used by web browsers connecting to Central Administration through HTTPS:
emsca_https_identity.p12 emsca_https_root.cert.pem
Copyright © 2021. Cloud Software Group, Inc. All Rights Reserved.