Search
Clear search
Close search
Google apps
Main menu
true

Generate and export a self-signed certificate on the connector host

To enable Connectors 4 security, you need to generate a self-signed certificate and add it on the GSA and in the connector's trusted store.

To generate and export a self-signed certificate on the connector host:

  1. Within the connector’s directory, run the following command:

    keytool -genkeypair -keystore keys.jks -storepass changeit -keypass changeit -alias adaptor -keyalg RSA -validity 365

  2. For "What is your first and last name?," enter the hostname of the connector’s computer. You can answer the other questions how you wish (including not answering them).
  3. For "Is CN=yourcomputershostname, OU=... correct?," answer yes.
  4. While still in the connector’s directory, run the following command:

    keytool -exportcert -alias adaptor -keystore keys.jks -storepass changeit -keypass changeit -rfc -file adaptor.crt

  5. Copy cacerts from Java to the connector's directory.

    For Windows, run the following command:

    copy PATH\TO\JRE\lib\security\cacerts cacerts.jks

    For Linux, run the following command:

    cp PATH/TO/JRE/lib/security/cacerts cacerts.jks

  6. To allow the connector to trust itself, run the following command:

    keytool -importcert -keystore cacerts.jks -storepass changeit -file adaptor.crt -alias adaptor

  7. For "Trust this certificate?," answer yes.

You can proceed with uploading adaptor.crt on the GSA. For instructions, see Uploading a Certificate Authority Certificate.

Was this article helpful?
How can we improve it?