The mzsh keytool enable-tls command from the Enable One-way SSL On RCP section will automatically configure these the properties listed below in the Platform containerautomatically , except property pico.rcp.tls.require_clientauth. You can also manually change the value of this propertythese properties.
Do a mzsh topo open container to view the platform container.conf.
Info
Quotes and double quotes surrounding the target path and property names are required for some properties to prevent overwriting. For further information, see Working with STR.
pico.rcp.tls.keystore
This property is to set the keystore file path. If this property is not set, TLS will not be used.
...
Code Block
language
text
$ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.keystore"' <keystore path>
Example command:
Code Block
language
text
$ mzsh topo set 'topo://container:platform/val:common."pico.rcp.tls.keystore"' $MZ_HOME/keys/keystore.p12
Info
Note: Full Path to the keystore file is required.
pico.rcp.tls.keystore.alias
Use this property if the keystore contains multiple private keys. RCP will prefer to use the key with this keystore alias. If it is not set and the keystore contains more than one private key, it is undefined which key is used.
...
Code Block
language
text
$ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.keystore.alias"' <alias>
Example command:
Code Block
language
text
$ mzsh topo set 'topo://container:platform/val:common."pico.rcp.tls.keystore.alias"' platform
pico.rcp.tls.keystore.password
Use this property to set the keystore password, which is the password we entered while creating keystore.
...
Code Block
language
text
$ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.keystore.password"' \
`mzsh encryptpassword <password>`
Example command:
Code Block
language
text
$ mzsh topo set 'topo://container:platform/val:common."pico.rcp.tls.keystore.password"' \
`mzsh encryptpassword dr`
pico.rcp.tls.key.password
Use this property to set password for the key, as chosen in keytool. By default this is the same as the keystore password. (This is the default for keytool).
...
Code Block
language
text
$ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.key.password"' \
`mzsh encryptpassword <password>`
Example command:
Code Block
language
text
$ mzsh topo set 'topo://container:platform/val:common."pico.rcp.tls.key.password"' \
`mzsh encryptpassword dr`
pico.rcp.tls.require_clientauth
This property is used if client authentication (two-way authentication) is required. The default value is false. Refer Enable Two-way SSL On RCP
Code Block
language
text
$ mzsh topo set 'topo://container:<container>/val:common."pico.rcp.tls.require.clientauth"' true
Example command:
Code Block
language
text
$ mzsh topo set 'topo://container:platform/val:common."pico.rcp.tls.require.clientauth"' true
Note
Restart Required
After the configuration is done all affected processes need to be restarted. Use the following command:
