Generate
...
KeyStore
To set up a keystore for tia core you have to use the kgs create-keystore tool.
Caution: please use a java version that is newer or equal to the java version used in your tia Content Server instance.
check Check if your java version ist set up correctly.
Code Block |
---|
java -version |
the The output should look like the following screenshot
...
View file | ||
---|---|---|
|
Navigate to the directory path where you have downloaded the kgs create-keystore tool and open powershell or terminal
...
One keystore file and one vault file. do Do not try to rename one of these generated files.
Both files should be provided to the tia Content Server according to the configuration specified in your tia contntserver repository.cfg. The vault file is used by tia core to read the password to having access to the keystore.
Import a password
This password is used to store passwords in combination with alias in case of encryption service or access to blob storages (Azure, Amazon etc.) or anything else.
Caution: please use a java version that is newer or equal to the java version used in your tia Content Server instance.
Code Block |
---|
keytool -importpass -storetype pkcs12 -alias <aliasName> -keystore <Keystorename> -storepass <key> |
With this command keytool asks for the password and store it in the keystore. Use the alias in repository.cfg for secret information like passwords, connectionstrings or encryption keys.
List all entries
if you want to know which entries are contained in your existing keystore, please use the following command
Code Block |
---|
keytool -list -storetype pkcs12 -keystore <Keystorename> -storepass <key> |
example → 1 Entry entry with alias webserver
...
Provide keystore to the tia contentserver
modify your repository.cfg as follows
Code Block |
---|
T1.keystoreservice.type = pkcs12
T1.keystoreservice.pkcs12.name = <keystorename>
T1.keystoreservice.pkcs12.path = C://<path-to-your-keystore>// |
restart the tia contentserver service and check the repository status in the tia web ui
...
as of now, you can send certificates to the contentserver and view them via the tia web ui
...
shown certificate details
...