1. Creating the Self-Signed Certificate
The Java Developer's Kit includes a utility to create certificates. Go to a command line and navigate to your JRE directory where keytool.exe is located. Type the following command:
keytool -genkey -alias cert4stat -keyalg RSA -keystore cert4stat
This command tells Java to generate a key. Actually, it does two things:
- It creates a new key; and
- If necessary, it creates a collection of keys (called a "key store") to put the key in.
There are some prompts that look like this:
2. Moving the Keystore
By default, the keytool puts information in the "Documents and Settings" directory for your userid. In this example, we'd find that they keystore has been created as a file called:
C:\TEMP\cert4stat
• Browse to C:\TEMP\cert4stat
• Rename your generated keystore to key4stat.jks
• Copy the key4stat.jks to the SCA machine under STAT_HOME\app\standalone\configuration
3. Update the Configuration File
Go to the SCA machine
Shutdown the stat agent
Delete tmp and work folder
Edit the file STAT_HOME\app\bin\standalone.conf.bat and comment the line below to point to the right file for https:
rem set SERVER_CONFIG=standalone-full.xml
set SERVER_CONFIG=standalone-full-https.xml
Under STAT_HOME\app\standalone\configuration edit the standalone-full-https.xml for the tag below:
<ssl>
<keystore keystore-password="key4stat" path="key4stat.jks" relative-to="jboss.server.config.dir"/>
</ssl>
4. Restart the SCA and open the browser to reconfigure the SCA for HTTPS. For example, "https://localhost:8443/stat-config"
5. Once saved the Configuration page successful and restart the SCA you should be able to login the Web Client.
Click to Continue to this website
And as you can see, port 8080 in this case became 8443 when configuring web client to use https
Even if you have not Trusted certified this is just to prove that Stat Web is working in HTTPS with a keystore self-signed certificate.