Product Documentation
The signing keys should be regenerated after SKFS installation is completed. The steps are as follows:
- On the machine where SKFS is installed, login as strongkey user and change directory to keymanager director. Inside there is the keymanager.jar file which will help in regenerating signing keys for SKFS. For a list of possible operations, run the following command:
- Regenerate signing keys by running the command:
Assuming the keysore location is in the same place after installation, you command will look like this:java -jar keymanager.jar regeneratesigningkey <did> <keystore location> <truststore location> <keystore password> <algo>java -jar /usr/local/strongkey/keymanager/keymanager.jar regeneratesigningkey 1 /usr/local/strongkey/skfs/keystores/signingkeystore.bcfks /usr/local/strongkey/skfs/keystores/signingtruststore.bcfks Abcd1234! ECYou will get a response similar to this:
Regenerated signing key - Restart Glassfish for the changes to take effect.
sudo service glassfishd restart - When finished, if you are using SKFS in a cluster, copy and replace the keystore file signingkeystore.bckfs and signingtruststore.bcfks from the SKFS instance where signing keys where regenerated to other SKFS servers in the cluster and restart Glassfish.
Values
|
Value |
Explanation |
|---|---|
|
did |
Unique domain identifier that belongs to SKFS. |
|
keystore location |
Signing KeyStore location for SKFS. |
|
truststore location |
Signing TrustStore location for SKFS. |
|
keystore password |
Password for KeyStore. Default is Abcd1234! |
|
algo |
Algorithm used in the KeyStore; example RSA | EC. |