| Info |
|---|
This article is valid for Smart ID Identity Manager 24.R1. |
The bootstrap CA certificate generated by the procedure below will have a validity of 20 years, and each end-entity certificate will be valid for 1 year.
The generated PINs for every P12 file are automatically scrambled.
No keys and certificates will be generated for descriptions which absent from signencrypt.xml.
...
Open a command-line window.
Change to the unpacked bootstrap folder containing create_sign_encrypt_certs.sh /(linux) or create_sign_encrypt_certs.bat (windows).
Execute the respective script for your OS.
Linux:
./create_sign_encrypt_certs.sh --targetDir /PATH/TO/TOMCAT/webapps/idm-operator/WEB-INF/classes [OPTIONAL ARGS]Windows:
create_sign_encrypt_certs.bat --targetDir C:\PATH\TO\TOMCAT\webapps\idm-operator\WEB-INF\classes [OPTIONAL ARGS]
See full usage for optional arguments (if you need the plain text passwords of the generated P12 files, then adding the passwordList argument is recommended):create_sign_encrypt_certs.bat / create_sign_encrypt_certs.sh--caDir <dir> CA cert directory - absolute or relative tobootstrapping directory (default: cacerts)--configFile <file> config to modify - absolute or relative totarget directory (default:engineSignEncryptConfig.xml)--passwordList <file> optionally create file which lists unscrambledpasswords - absolute or relative to targetdirectory (will overwrite existing)--targetDir <dir> target directory for certificates - absoluteor relative to current directory
Copy all P12 files and engineSignEncryptConfig.xml from idm-operator/WEB-INF/classes to idm-admin/WEB-INF/classes
(optionally you can prune the files and XML entries which IDM Admin does not need).
...
Additional information
| Expand | ||
|---|---|---|
| ||
...