Adding certificates into Unravel Truststore
The following certificate formats are supported:
PEM (.pem)JKS (.jks)PKCS12 (pkcs12, .p12, .pfx)
All the certificates are stored in data/certificates by default.
You must add the certificate to the Truststore and then enable the Truststore.
Adding certificate to the Truststore
Multiple certificates can be passed through trust add command, and it can also be called multiple times. All the calls will add the certificates to the trust store. By default, the store is located at data/certificates/trusted_certs.pem and trusted_certs.pkcs12
In case the chain of trust cannot be established for a given certificate, the missing parts of the trust chain can be added to the Truststore.
Run the following steps from the manager tool to add certificates to the Truststore:
|
Step No. |
Command |
|---|---|
|
Step 1 Autodetect file format based on the extension. |
manager config tls trust add |
|
Step 2 Force the uploading of certificate (pem/jks/pkcs) files. |
manager config tls trust add --pem |
|
manager config tls trust add --jks |
|
|
manager config tls trust add --pkcs12 |
Enabling/Disabling the Truststore
The trust store can be enabled or disabled without affecting the list of trusted certificates.
Run the following from the manager tool:
manager config tls trust
<enable|disable>After enabling/disabling the Truststore, stop Unravel.
manager stop
Refresh the files and then start Unravel again.
manager refresh files manager start