Old title: Create custom certificates for Tomcat installations (non-Docker)
TODO: new content explaining the new dev-/test tooling for WAR and Docker deployments, see also https://confluence.nexusgroup.com/pages/viewpage.action?pageId=211419460
This article is valid for Smart ID Identity Manager 24.R1.
For Tomcat Dev/Test Deployment
Requirements:
Tomcat folder containing IDM Operator and IDM Admin of IDM 24.R1 or later on Linux or Windows
unpacked bootstrap.zip for the respective IDM release
Instructions:
open a command-line window
change to the unpacked bootstrap folder containing create_sign_encrypt_certs.sh/.bat
execute the respective script for your OS
Linux:
./create_sign_encrypt_certs.sh --targetDir /PATH/TO/TOMCAT/webapps/idm-operator/WEB-INF/classes [OPTIONAL ARGS]Windows:
create_sign_encrypt_certs.bat --targetDir C:\PATH\TO\TOMCAT\webapps\idm-operator\WEB-INF\classes [OPTIONAL ARGS]
See full usage for optional arguments (if you need the plain text passwords of the generated P12 files, then adding the passwordList argument is recommended):create_sign_encrypt_certs.bat / create_sign_encrypt_certs.sh--caDir <dir> CA cert directory - absolute or relative tobootstrapping directory (default: cacerts)--configFile <file> config to modify - absolute or relative totarget directory (default:engineSignEncryptConfig.xml)--passwordList <file> optionally create file which lists unscrambledpasswords - absolute or relative to targetdirectory (will overwrite existing)--targetDir <dir> target directory for certificates - absoluteor relative to current directory
copy all P12 files and engineSignEncryptConfig.xml from idm-operator/WEB-INF/classes to idm-admin/WEB-INF/classes
(optionally you can prune the files and XML entries which IDM Admin does not need)
For Docker Dev/Test Deployment
xy
Additional information