Extracting the SSL Certificate to a Certificate File
To achieve this, do the following
- Login to the eG manager.
- Set the java_home environment variable to point to the Java installation directory.
- Then, go to the command prompt.
-
Execute the following command:
cd %JAVA_HOME%\bin
keytool -export -alias egitlab1 -keystore <filename>.keystore –storepass mykey -keypass mykey -file C:\tmp\eGCert.cer
The text in Bold in the above command line indicates those inputs that can change according to the requirements of your environment. These inputs have been described below:
-
-alias : the alias name of the certificate being extracted; make sure that you provide the same alias name that you provided while generating the keystore file (see Generating the Keystore File or Generating a Keystore File). If you are extracting the SSL certificate from the default keystore that is bundled with the eG manager, then first determine the alias name using which the keystore file was created. For this, from the <eg_Install_dir>\java\jdk\bin directory, run the following command:
keytool –list –v –keystore egmanager.bin
This command will prompt for the keystore passphrase. Type eginnovations and press Enter. This will provide the details of the default keystore. From these details, you can infer the Aliasname.
- -keypass : the password used to protect the key that was generated; make sure that you provide the same password that you provided while generating the keystore file (see Generating the Keystore File or Generating a Keystore File). Also, note that -storepass and -keypass should be the same. If you are extracting the SSL certificate from the default keystore that is bundled with the eG manager, then the –storepass and –keypass should be eginnovations.
- -keystore : Provide the name of the keystore file in which the key has been stored; specify the same file name that you used to store the key (see Generating the Keystore File or Generating a Keystore File).
- -file : Specify the full path to and the name of the certificate file (.cer) to which the certificate has to be exported
-
- Once the keytool command successfully executes, the certificate file will be created.
- Finally, copy the certificate file from the eG manager to any location (say, C:\tmp) on the eG agent host.