CertStore CreateJKS
In most cases, certificate stores will already exist on the client machine prior to configuration within Keyfactor Command. For example, the IIS Personal Store exists on each windows machine independently of Keyfactor Command installation. In other cases, such as PEM
A PEM format certificate file is a base64-encoded certificate. Since it's presented in ASCII, you can open it in any text editor. PEM certificates always begin and end with entries like ---- BEGIN CERTIFICATE---- and ----END CERTIFICATE----. PEM certificates can contain a single certificate or a full certifiate chain and may contain a private key. Usually, extensions of .cer and .crt are certificate files with no private key, .key is a separate private key file, and .pem is both a certificate and private key. files, the file can be created when a certificate is added. However, with a Java Keystore A Java KeyStore (JKS) is a file containing security certificates with matching private keys. They are often used by Java-based applications for authentication and encryption., creating the store on the file system and adding certificates to it are different operations. The CreateJKS method supports scheduling creation of a Java Keystore A Java KeyStore (JKS) is a file containing security certificates with matching private keys. They are often used by Java-based applications for authentication and encryption. as a Keyfactor Command Agent job. The structure of this request is given in Table 705: POST /CreateJKS Request Body while the response is the same as for AddCertStore (see Table 699: POST /AddCertStore Response Body).
Table 705: POST /CreateJKS Request Body
|
Parameter Name |
Parameter Value |
|---|---|
|
ClientMachine |
Machine on which the certificate store will reside. |
|
StorePath |
Path and filename of the certificate store to be created. |
|
Password |
Password to use for the new store. |
Example Request
POST http://<host>/CMSApi/CertStore/1/CreateJKS HTTP/1.1
{
"ClientMachine" : "192.168.41.171",
"StorePath" : "/opt/cms-java-agent/config/trust.jks",
"Password" : "changeit"
}
