2.8.2. Creating Suitable Certificates

By default, tpm can automatically create suitable certificates and configuration for use in your deployment. To create the required certificates by hand, use the following steps:

  • Generating a JGroups Certificate

    Run this command to create the keystore in /etc/tungsten. You may use your own location, but the values for -storepass and -keypass must match.

    shell> keytool -genseckey -alias jgroups \
      -validity 365 \
      -keyalg Blowfish -keysize 56 -keystore /etc/tungsten/jgroups.jceks \
      -storepass mykeystorepass -keypass mykeystorepass \
      -storetype JCEKS
  • Generating a TLS Certificate

    Run this command to create the keystore in /etc/tungsten. You may use your own location, but the values for -storepass and -keypass must match.

    shell> keytool -genkey -alias tls \
      -validity 365 \
      -keyalg RSA -keystore /etc/tungsten/tls.jks \
      -dname "cn=Continuent, ou=IT, o=VMware, c=US" \
      -storepass mykeystorepass -keypass mykeystorepass