Obtaining and Installing an SSL Certificate¶
Before enabling SSL in the Solution Manager servers and clients, you need to create a keystore with a key pair (a public key and associated private key) and a certificate.
To generate a new keystore, follow one of these options:
- If you do not have an SSL private key, you can create a keystore with a self-signed private key.
- If you do not have an SSL private key, you can send a request to a certificate authority (CA) and create a keystore with the certificate reply.
- If you have a PFX file with the private key, create a keystore with its content.
- If you already have a keystore file (usually, this file has the extension “jks”), jump to the next section.
If you already generated a keystore for a Denodo server, you can reuse that keystore and its
cacerts file. To do this:
- Copy the keystore from the Denodo server installation (e.g.
C:/denodo/denodo_server_key_store.jks) to the installation of the Solution Manager.
- Replace the cacerts file of the Solution Manager (
<SOLUTION_MANAGER_HOME>/jre/lib/security/cacerts) with the cacerts file of the Denodo server installation (
<DENODO_HOME>/jre/lib/security/cacerts). This second step is important, to make sure that the Solution Manager trusts the private key inside the keystore.