Creating a self-signed client certificate

The client certificate is used to log in and authenticate a user with i2 Analyze. Use the Java keytool utility to create a self-signed certificate.

About this task

Create a self-signed certificate to use as a client certificate to demonstrate a working configuration. If you are using client certificates that are signed by a certificate authority, you do not need to complete the following instructions.

Procedure

Create a keystore and self-signed certificate for a user by using the Java keytool utility.

  1. Open a command prompt and navigate to the i2analyze\deploy\java\bin directory.

  2. Create a keystore and certificate.

    For example, run the following command:

    keytool -genkeypair -alias "<username>" -keystore "C:\i2\i2analyze\<username>.p12" -dname "CN=<username>" -keyalg RSA -storepass "<password>"

    Important: Ensure that the value of CN matches the name of a user in the user registry for i2 Analyze. The user name cannot contain a comma (,).

    If you are using the example user registry, set the <username> to Jenny.

    Note: You will use the keystore to install the certificate on a client machine later.

  3. Export the certificate from the keystore.

    For example, run the following command:

    keytool -exportcert -alias "<username>" -keystore "C:\i2\i2analyze\<username>.p12" -file "C:\i2\i2analyze\<username>.der" -storepass "<password>"

    Note: You will import the certificate into the Liberty truststore later.