Jetty/Tomcat SSL/TLS Keystore #
Attention
Ici, mdp 02 :
Ici, mdp 02 :
changeit est littéralement le mot de passe (c'est le mot de passe par défaut du magasin cacerts du JDK) !
#JETTY
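# Create the directory that will hold the Jetty keystore and hand it to the
# jetty account. -p keeps the step repeatable when the directory already exists.
sudo mkdir -p /opt/data/srv/jetty/geoserver-base/etc
sudo chown -Rf jetty:jetty /opt/data/srv/jetty/geoserver-base/etc

# Start from a clean slate: any previous keystore (and the keys in it) is discarded.
sudo rm -Rf /opt/data/srv/jetty/geoserver-base/etc/keystore

# Generate a self-signed 2048-bit RSA key pair in a new PKCS12 keystore.
# -storepass/-keypass are deliberately not given on the command line: keytool
# prompts for the password instead, which keeps it out of the shell history and
# the process list. Use the same keystore password in the steps that follow.
sudo keytool -genkey \
  -alias geoserver_localhost \
  -keystore /opt/data/srv/jetty/geoserver-base/etc/keystore \
  -deststoretype pkcs12 \
  -keyalg RSA \
  -keysize 2048 \
  -dname "CN=geo-ressources.vienne-condrieu-agglomeration.fr, OU=geo-ressources.vienne-condrieu-agglomeration.fr, O=Unknown, L=Unknown, ST=Unknown, C=FR"

# Copy every entry of the system Java trust store into the same keystore.
# keytool prompts for the destination keystore password first, then for the
# source (cacerts) password.
sudo keytool -importkeystore \
  -srckeystore /etc/ssl/certs/java/cacerts \
  -destkeystore /opt/data/srv/jetty/geoserver-base/etc/keystore \
  -deststoretype pkcs12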
mdp 01 : ChangeMePassword
mdp 02 : changeit
# Add the site certificate to the Jetty keystore under the alias cert_ssl.
# keytool asks for the keystore password, then for confirmation that the
# certificate should be trusted.
# NOTE(review): importing a .crt under a new alias stores it as a trusted
# certificate entry; it is not attached to the private key generated under
# geoserver_localhost. Confirm which entry Jetty is expected to present to
# clients (keytool -list -v on the keystore shows the entry types).
sudo keytool -import \
  -alias cert_ssl \
  -file /opt/data/vca/ssl/live/2025/vienne-condrieu-agglomeration.fr.crt \
  -keystore /opt/data/srv/jetty/geoserver-base/etc/keystore
mdp 01 : ChangeMePassword
oui
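# The keystore contains the server's private key, so it must not be
# world-readable: owner jetty read/write, group jetty read-only, nothing for
# others (600 is enough if only the jetty user ever reads it).
sudo chown jetty:jetty /opt/data/srv/jetty/geoserver-base/etc/keystore
sudo chmod 640 /opt/data/srv/jetty/geoserver-base/etc/keystore

# Check the resulting owner and mode.
ls -l /opt/data/srv/jetty/geoserver-base/etc/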
#BEFORE ADD to start.ini
# Print the obfuscated (OBF:) and MD5 forms of the keystore password with
# Jetty's Password utility.
# NOTE(review): the password is given as a command-line argument, so it ends up
# in the shell history and is visible in the process list while java runs.
# OBF: is a reversible encoding, not encryption: treat the OBF: string as
# carefully as the clear-text password.
jetty_util_jar=/opt/data/srv/jetty/lib/jetty-util-9.4.30.v20200611.jar
java -cp "$jetty_util_jar" org.eclipse.jetty.util.security.Password ChangeMePassword
2025-01-15 14:11:41.165:INFO::main: Logging initialized @2062ms to org.eclipse.jetty.util.log.StdErrLog
ChangeMePassword
OBF:1hgc1jfw1axf1abe1abo1awb1jde1heq
MD5:24d00da906c829af7987d7ab90355699
#ADD to start.ini
#SSL
# NOTE(review): javax.net.debug makes the JVM print detailed TLS handshake and
# key manager traces to the console/log. Keep it for troubleshooting only and
# remove it once the setup works.
-Djavax.net.debug=ssl,keymanager
# -Djavax.net.debug=all
# Key store: relative path etc/keystore, PKCS12 format.
-Djavax.net.ssl.keyStore=etc/keystore
# NOTE(review): OBF: is reversible obfuscation, not encryption, so start.ini
# needs the same restrictive file permissions as a clear-text password would.
# Also confirm that whatever reads this property understands the OBF: prefix;
# the JDK's own default SSLContext takes javax.net.ssl.*Password values
# literally.
-Djavax.net.ssl.keyStorePassword=OBF:1hgc1jfw1axf1abe1abo1awb1jde1heq
-Djavax.net.ssl.keyStoreType=PKCS12
# Trust store: the same file and password as the key store above.
-Djavax.net.ssl.trustStore=etc/keystore
-Djavax.net.ssl.trustStorePassword=OBF:1hgc1jfw1axf1abe1abo1awb1jde1heq
-Djavax.net.ssl.trustStoreType=PKCS12