Follow the steps below to enable One-way SSL server authentication for RCP. To include client authentication (two-way SSL mutual authentication), continue the steps in /wiki/spaces/MD94/pages/352186038 Enable Two-way SSL On RCP.
Setting Up with a New Keystore File
Run the mzsh keytool generate command to create a new keystore file contains a new self-signed certificate. The certificate generated by the command will have the alias: Platform.
Enable TLS on RCP with a new keystore.
Code Block $ mzsh keytool generate -k <keystore file> --enable-tls rcp
Example, this command will create a new keystore file (contain self-signed certificate) in $MZ_HOME/keys and enable TLS on RCP.
Code Block $ mzsh keytool generate -k $MZ_HOME/keys/container.keys --enable-tls rcp
Restart the Platform.
Setting Up With an Existing Keystore File
If you already have a keystore file, place it in anywhere on the installation. Run the platform machine. Then, run the mzsh keytool command with the enable-tls option and provide the full path to the keystore file.
...
| Info |
|---|
The |
| Scroll ignore | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
|