Set up trusted CA certificate
You can enable SSL for the DAS Engine using a certificate from a trusted Certificate Authority (CA). Certificates from a trusted CA are primarily used in production environments. For a test environment, you can use a self-signed certificate.
- You must have root user access to the clusters on which DAS Engine is installed.
- You must have obtained a certificate from your CA, following their instructions.
- Log in as root user on the cluster with DAS Engine installed.
Import the Certificate Chain Certificate and the certificate you obtained from
keytool -import -alias root -keystore <path_to_keystore_file> -trustcacerts -file <certificate_chain_certificate>
keytool -import -alias jetty -keystore <path_to_keystore_file> -file <certificate_from_CA>NoteIgnore the following warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore <keystore_file_path> -destkeystore <keystore_file_path> -deststoretype pkcs12".