Skip to content

Replace the Session Server Certificate

Your installation is secured using self-signed certificates. Self-signed certificates, while just as secure as commercial certificates, aren’t automatically trusted. This makes them hard to manage. Commercial certificates are necessary when you need widespread support for your certificate and fortunately, most web browsers and operating systems already support many commercial certificate authorities.

Information you must know:

  • keystore location - /etc/keystore.bcfks

  • keystore format - bcfks (Bouncy Castle FIPS)

  • default password - changeit

  • key pair alias - servlet-engine

How to replace the self-signed certificate varies depending on whether you are replacing the self-signed certificate with one obtained through a CSR into the default keystore or whether you are replacing it with your own non-default keystore and certificate.

More information