The SSL certificate that is provided with the server during installation is a sample certificate only. If you want to use SSL for communicating with your MySQL Enterprise Service Manager and MySQL Enterprise Dashboard you should replace the supplied certificate with your own certificate.
The certificate keystore is located in the
apache-tomcat/conf/myKeyStore
file within
your MySQL Enterprise Service Manager installation.
To create a new, self-signed, certificate, use the keytool command (provided with Java SE Security) to create a new certificate file:
shell> keytool -genkey -alias tomcat -keyalg RSA -validity 1825 -keystore newKeystore
You will be prompted to fill in the certificate information and to provide a unique password for the certificate.
The -validity
specifies the length of the
certificate created, specified in days. The
-alias
is required to ensure that the
certificate is associated with tomcat
.
Once you have created the new keystore, you should shutdown
MySQL Enterprise Service Manager, copy the new keystore file to
apache-tomcat/conf/myKeyStore
and restart
MySQL Enterprise Service Manager.
If you have an existing certificate that you would like to import into your keystore, you need to import the certificate using the following command:
shell> keytool -import -alias tomcat -keystore newKeystore -file public.pem
For more information on using SSL certificates in Tomcat see Apache Tomcat 6.0: SSL Configuration HOW-TO.