Setting up a Keystore File for Business Directory

The Java key and certificate management tool, keytool, is available for administering public/private key pairs and certificate authorities.

This topic describes how to set up a keystore file for Business Directory. A generalized description of the procedure for setting up keystore and truststore files for all TDV components is in the TDV Administration Guide.

To set up a keystore file for Business Directory

1. Verify that a key exists in the keystore you want to use:
cd <BD_install_dir>/jdk/bin
keytool -list -keystore <keystore_location> -storepass <password> -v > keystore.txt

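If no Business Directory key exists, obtain one or generate one using the keytool utility.

Note: A password given with -storepass is visible in the process list and is saved in shell history. If you omit the option, keytool prompts for the password.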

2. Search the text file (keystore.txt) for Entry type: PrivateKeyEntry.

Make note of the value from Alias name: <alias_name>.

3. Copy the keystore to a directory of your choice.
4. Open <BD_install_dir>/bd/conf/server/server_values.xml in a simple editor like WordPad.

Note: If you open the file in Word, it will display an interpreted form of the XML file instead of the raw file.

5. Change the values of three attributes:

Keystore Key Alias (On Server Restart)
For example, the alias name might be cis_server

<common:attribute>
		<common:name>/server/communications/KeystoreKeyAliasOnServerRestart</common:name>
		<common:type>STRING</common:type>
		<common:value>[alias_name]</common:value>
</common:attribute>

Keystore File Location (On Server Restart)
For example, C:/Program Files/TDV/BD 7.0/conf/server/security/cis_server_keystore.jks

<common:attribute>
		<common:name>/server/communications/KeystoreLocationOnServerRestart</common:name>
		<common:type>STRING</common:type>
		<common:value>[keystore_location <fulldirectorypath>/mykeystore.jks]</common:value>
</common:attribute>

Keystore Password (On Server Restart)
Enter the password unencrypted; it will be encrypted automatically when the server restarts.

<common:attribute>
		<common:name>/server/communications/KeystorePasswordOnServerRestart</common:name>
		<common:type>PASSWORD_STRING</common:type>
		<common:value>[unencrypted_password_string]</common:value>
</common:attribute>

6. If necessary, change the value of one other attribute:

Keystore File Type (On Server Restart)
For example, JKS or PKCS12

<common:attribute>
		<common:name>/server/communications/KeystoreTypeOnServerRestart</common:name>
		<common:type>STRING</common:type>
		<common:value>[JKS]</common:value>
</common:attribute>

7. Restart Business Directory.
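
The alias lookup in steps 1 and 2 can be scripted rather than searched by eye. The following is an added example, not part of the product documentation; the function names private_key_aliases and sample_listing, and the sample listing itself, are constructed for illustration.

```shell
#!/bin/sh
# Added example: print the alias of every PrivateKeyEntry found in the
# verbose listing that step 1 writes to keystore.txt.

# Reads `keytool -list -v` output on stdin, prints one alias per line.
private_key_aliases() {
    awk '
        { sub(/\r$/, "") }                          # tolerate CRLF line endings
        /^Alias name: / { alias = substr($0, 13) }  # text after "Alias name: "
        /^Entry type: PrivateKeyEntry/ {
            if (alias != "") print alias
            alias = ""
        }
    '
}

# Constructed sample listing (not from a real keystore); certificate
# details that keytool prints between entries are shortened.
sample_listing() {
    cat <<'EOF'
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: cis_server
Creation date: Jan 1, 2024
Entry type: PrivateKeyEntry
Certificate chain length: 1

*******************************************
*******************************************

Alias name: example_root_ca
Creation date: Jan 1, 2024
Entry type: trustedCertEntry
EOF
}

# Demonstration on the constructed sample; prints: cis_server
sample_listing | private_key_aliases

# With the file from step 1:  private_key_aliases < keystore.txt
```

If the function prints nothing, the keystore holds only trusted certificates and no private key, which is the case step 1 describes as needing a key to be obtained or generated.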