Welche Zertifikats-Formate werden vom Gateway unterstützt?
Welche Formate verwendet werden können, hängt vom Tomcat/Microservice ab.
Aktuell unterstützen wir:
JKS, PKCS11 und PKCS12
Configuration
Prepare the Certificate Keystore
Tomcat currently operates only on JKS, PKCS11 or PKCS12 format keystores. The JKS format is Java's standard "Java KeyStore" format, and is the format created by the keytool command-line utility. This tool is included in the JDK. The PKCS12 format is an internet standard, and can be manipulated via (among other things) OpenSSL and Microsoft's Key-Manager.
Each entry in a keystore is identified by an alias string. Whilst many keystore implementations treat aliases in a case insensitive manner, case sensitive implementations are available. The PKCS11 specification, for example, requires that aliases are case sensitive. To avoid issues related to the case sensitivity of aliases, it is not recommended to use aliases that differ only in case.
To import an existing certificate into a JKS keystore, please read the documentation (in your JDK documentation package) about keytool. Note that OpenSSL often adds readable comments before the key, but keytool does not support that. So if your certificate has comments before the key data, remove them before importing the certificate with keytool.
Links zu weiteren Seiten:
Link/Doku im bei unseren Help-Seiten: bei HTTPS dem Link folgen
https://help.optimal-systems.com/enaio/v100/admin/administrator/de/dienste/gateway.htm?Highlight=zertifikatdirekter Link zu den Tomcat/Microsservice-Seiten mit den entsprechenden Infos:
Suche den Eintrag "Prepare the Certificate Keystore"
https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html
Für Details bitte Link zum Tomcat bei unseren Help-Seite über das enaio Gateway (speziell HTTPS) anklicken.