Creating the Configuration File
In order to add custom SSL Configuration to GMUS, the following properties should be provided in a property file:
- keystoreFile - This property should be set with the absolute path to the keystore file. The keystore file contains the server's certification, including its private key.
- truststoreFile -This property should be set with the absolute path to the truststore file. The truststore file contains certificates from other parties that is expected to be communicated with, or certificate authorities that are trusted to identify other parties
- keystorePassword - This property should be set with the password for the specified keystore file
- truststorePassword - This property should be set with the password for the specified truststore file
Refer to sample config file below:
Running GMUS Rest Server with the Configuration File
To run the GMUS Server for secured requested with custom SSL configuration, the command below should be run :
- portNumber - Preferred port number where GMUS REST should run
- configPath - Path to config file
Sample: genrocket -gmussr 8070 -gmusp config.properties
When providing custom SSL configuration, the following message above (in red box) will be shown when there is an API request. If not, please double check validity and correctness of the keystore and truststore configurations.
Generating Keystore and Truststore Files
If keystore and truststore files are not generated yet, please follow below steps:
1. In Server, generate keystore file
If CA-Cert, CA-key, and CSR are not yet existing, proceed to Step 2.
Otherwise, proceed to Step 5.
2. Generate CA-Cert and CA-key
3. Generate CSR (Certificate Signing Request)
4. Sign the certificate. Make sure to replace <yourpass> with preferred password
5. Import the CA-Cert to created keystore file
6. Import Signed Certificate to keystore file
7. In Client, Copy ca-cert and generate truststore
8. In Server, copy ca-cert and generate truststore