Generate KeyStore

To set up a keystore for tia core you have to use the kgs create-keystore tool.

Caution: please use a java version that is newer or equal to the java version used in your tia Content Server instance.

Check if your java version ist set up correctly.

The output should look like the following screenshot

Open

Open

Navigate to the directory path where you have downloaded the kgs create-keystore tool and open powershell or terminal

Open

After executing the create-keystore tool there should be two generated files.

One keystore file and one vault file. Do not try to rename one of these generated files.

Both files should be provided to the tia Content Server according to the configuration specified in your tia contntserver repository.cfg. The vault file is used by tia core to read the password to having access to the keystore.

Import a password

This password is used to store passwords in combination with alias in case of encryption service or access to blob storages (Azure, Amazon etc.) or anything else.

Caution: please use a java version that is newer or equal to the java version used in your tia Content Server instance.

With this command keytool asks for the password and store it in the keystore. Use the alias in repository.cfg for secret information like passwords, connectionstrings or encryption keys.

List all entries

if you want to know which entries are contained in your existing keystore, please use the following command

example → 1 entry with alias webserver

Provide keystore to the tia contentserver

modify your repository.cfg as follows

restart the tia contentserver service and check the repository status in the tia web ui

as of now, you can send certificates to the contentserver and view them via the tia web ui

shown certificate details