Table of Contents

1. Prerequisites

Save the SSL certificates and keys to your disk, e.g. to /tmp.

You will need:

  • Certificate

  • Private key

  • Root CA Certificate

Open the Graphlytic certificates directory:

cd <graphlytic_directory>/certificates

Rename the original keystore file:

mv graphlytic-keystore graphlytic-keystore.original

Build the certificate chain. This is an optional step. If you don’t have a certificate chain, e.g. you are using a self-signed certificate, then skip this step.

cat /tmp/your_cert.crt <(echo) /tmp/root_ca.crt > /tmp/certs.crt

Convert the private key and certificate files into a PKCS12 file:

openssl pkcs12 -export -in /tmp/certs.crt -inkey /tmp/your_key.key -name gl-webapp > /tmp/certs.p12

You will be prompted to enter "export password", use "SomePass".

2. Add the certificate to Java KeyStore

Import the PKCS12 file into Java keystore:

keytool -importkeystore -srckeystore /tmp/certs.p12 -destkeystore graphlytic-keystore -srcstoretype pkcs12

You will be prompted to enter "destination keystore password" and "source keystore password", use "SomePass".

3. Restart Graphlytic

Restart Graphlytic because the keystone is loaded during the application start.