Configuring HTTPS for Your Operational Environment
Chapter 2 Installing PATROL DashBoard 47
■ each of the distinguished name (DN) subcomponents:
—
Common Name: When you are prompted for your first and last name, enter
the PATROL DashBoard server’s fully qualified DNS host name.
This must be the host name part of the PATROL DashBoard URL that you use
in your browser when launching PATROL DashBoard.
—
Organization Unit: Enter your department or division name (for example,
Purchasing).
—
Organization Name: Enter your company name (for example, BMC Software,
Inc.
).
—
localityName: Enter your city name (for example, Houston).
—
stateName: Enter your state or province name (for example, Texas).
—
country: Enter the 2 -letter country code (for example, US).
The
keytool command creates the keystore named keystore in the current directory
and assigns it the password you provided. It generates a public/private keypair
for the entity whose distinguished name you specified. It uses the default RSA key
generation algorithm to create the keys, both 1024 bits long. It creates a self-signed
certificate (using the default MD5withRSA signature algorithm) that includes the
public key and the distinguished name information. This certificate will be valid
for 365 days, and it is associated with the private key in a keystore entry referred to
by the alias tomcat. The private key is assigned the password that you provided. It
must be the same password as the one used for the keystore.
3 Return to “To Configure HTTPS for a PATROL DashBoard Server or a PATROL
DashBoard Corporate Edition Module” on page 45, and proceed with step 5.
For more information about the
keytool command, direct your Web browser to the
following URL: http://java.sun.com/j2se/1.4.1/docs/tooldocs/tools.html#security
.
Then, on the right side of the keytool section, click the type of operating system on
which you are running PATROL DashBoard.
To Generate a Certificate Signing Request and Send it to a Certificate Authority
1 In the PATROL DashBoard installation directory, issue the following command:
keytool -certreq -keystore keystore -alias tomcat -file tomcat.csr
This command creates a Certificate Signing Request (CSR) for the entity identified
by the default alias tomcat and puts the request in the file named
tomcat.csr.
