> CommCell Console > End User Access > Web Console > Administrators > Installing the Command Center > Post-Installation Configurations for Web Server and Command Center > Configuring Secured Access for Web Applications > Commvault Certificate Tool > Using the Commvault Certificate Tool

Generating a Key Pair

After you customize the settings in the configuration file, you must generate a key pair using the generate-keys action.

If you already have a keystore containing a CA-signed certificate, skip this procedure and configure the Commvault Tomcat service

Procedure

  1. Verify if the following settings are defined. You must have defined the settings in the step, Defining Settings in the Workspace Configuration File. If you missed the settings, define it before you generate a key pair.

    • distinguished-name*

    • domain-name*

    • server-ip (required only if domain-name is not provided)*

    • keystore-password*

    • workspace*

    • extension**

    • instance**

    • keyalg**

    • keysize**

    • keystore-alias**

    • keystore-filename**

    • keystore-type**

    • keytool-executable-path**

      *Required settings that you must enter.

      **Settings with default values that you might need to customize.

    For information about settings, see Settings for the Workspace Configuration File.

  2. Generate a new key pair using the following command:

    cvCertTool.cmd -workspace workspace_filepath generate-keys

    The new key pair will be placed in a newly created keystore file in your workspace.

    The keystore created must be used throughout the process, including all actions carried out by the tool. For example, once a CA-signed certificate is acquired, it must be imported back into the same keystore using the import-ca-certs action.

Page contents

×

Loading...