Security (3.1)
The Security profile is a generic profile that you can use to make encryption configurations that can be used by various agents. For example, the HTTP/2 and Kafka agents.
The profile consists of three tabs: General, Advanced, and External Keystore.
General Tab
Keystore Settings
The following settings are available:
Field | Description |
---|---|
Type | You can select from the following options:
Selecting External Keystore or <None> disables the rest of the keystore settings. Selecting External Keystore will require the more input in External Keystore tab. |
Path | Enter the location of the keystore from which you want to read the key. |
Password | Enter the keystore password. |
Public Key Alias | The encryption alias to use. When configuring a client, it should be the alias to the server's public certificate. If left empty the Keystore Alias will be used to encrypt the message. |
Private Key Alias | If the keystore contains more than one key, specify the alias of the key that you want to use. |
Key Password | The Key Password field is optional. You can enter the key password, or if you leave this field empty, the Password that you entered is the default. |
Example - How to create a symmetric crypto key
$ keytool -keystore test.ks -storepass password -genseckey -keysize 128 -alias testkey -keyalg AES
Example - How to create a Keystore file with security contents
This example code shows how to create a Java keystore file for both the server and client connection. This will generate the file, containing the associated security certificate, and the public and private keys.
keytool -genkey -alias server -keyalg RSA -keystore ./server.jks