21.2 Creating and Importing a Custom Certificate

To create and import a custom certificate:

1. Create the public and private key using the following command:

   openssl req -new -text -out <public_key_name> -keyout <private_key_name>

2. Create a self-signed X.509 certificate using the following command:

   openssl req -x509 -days 365 -in
    <public_key_name> -text -key
    <private_key_name> -out
    <certificate_name>

3. Import the generated certificate into the Sentinel Keystore:

   <sentinel_installation_path>
   /opt/novell/sentinel/bin/javacert.sh --import
    <sentinel_installation_path>
   /etc/opt/novell/sentinel/config/.webserverkeystore.jks
    <password of the keystore>  <alias_name> <certificate_name>

4. Convert the generated certificate into the p12 format:

   openssl pkcs12 -inkey <private_key_name>  -in <certificate_name> -export -out <certificate_name.p12>

5. To view the imported certificates list in the Keystore, run the following command:

   <sentinel_installation_path>
   /opt/novell/sentinel/jdk/jre/bin/keytool -list -keystore 
   /etc/opt/novell/sentinel/config/.webserverkeystore.jks

6. Restart the Sentinel server.