Select the server certificate file, and click Import.Įnter the Key Pair entry password, then click OK. Keystore explorer create jks password#Import the server certificate into the server keystore, then click OK.Įnter the decryption password associated with the certificate file. Right click, select Export > Export Key Pair.Įnter the password for the certificate file, then click Export. Select the master keystore, and select the server certificate to export to a file. Keep the keystore open to import the correct server certificate into the keystore for the next step. Ensure that you use the same name for all the server certificates.Ĭreate a new folder with the server FQDN as the name, and save the keystore inside the folder. The server keystore is a Java key store.Įnter the keystore password and click Ok to save. Select JKS as the keystore type, then click OK. The certificate name include the following details: Right click and select Sign > Sign New Key Pairfor each server.Įnter the key password for the certificate.Īccept the defaults, and enter the Name details. Keystore explorer create jks download#Tip: You can download the KeyStore Explorer at. The KeyStore Explorer is an open source utility to open the master keystore (used in the image below). Open your master keystore using a tool of your choice if you have stored your SSL Certificate in the master keystore. You may use your own naming conventions, but ensure you are copying the correct server certificate to each server in your cluster. Note: The naming conventions used in this section are for reference only. Once you have created and saved an SSL certificate, you will create a keystore on your Kafka brokers in the Hadoop Cluster. Import the SSL certificate trust chain into the truststore. Note: The same truststore can be used for all servers. Import the server certificate into the server keystore. Create a server keystore for each server.Tip: For easier identification of the server, use the subject equal to the fully qualified domain name (FQDN). Note: The CA is required for signing all server certificates with a trust chain.Ĭreate a server certificate for each server. You can create a self-signed certificate or use certificates that are signed by a CA, such as Verisign. Create a CA-signed SSL certificate to sign all server certificates with a trust chain.You may already have a master keystore in which you can store your certificate authority (CA) signed SSL certificate. (Optional) Create a master keystore to store all the certificates centrally.The Secure Sockets Layer (SSL) configuration process for Kafka Brokers consists of four parts, including:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |