Configuring the truststore

To enable the i2 Analyze server to trust the client certificates, you must ensure that the signer of your client certificates is trusted within the Liberty truststore.

About this task

If you are using client certificates that are signed by a certificate authority, ensure that the certificate authority that signed the certificates is trusted within the Liberty truststore.

Procedure

The Liberty truststore must contain the certificates to ensure that the certificates received from the client are trusted.

  1. Run the following command to import the required certificate into the truststore. If the truststore does not exist, it is created:

    keytool -importcert -alias "<signerKey>" -keystore "C:\i2\i2analyze\i2-liberty-truststore.p12" -file "C:\i2\i2analyze\<signer-certificate>.der" -storepass "<password>"

    Note: When you are using a self-signed client certificate, add the self-signed client certificate as a signer certificate. For example, Jenny.der.

Results

The truststore contains the signer certificates so that the client certificates can be trusted. The truststore is populated so that Liberty can use it to trust the client certificates.