Changes between Version 11 and Version 12 of IdpKeyRollOver
- Timestamp:
- 09/28/11 09:38:48 (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
IdpKeyRollOver
v11 v12 197 197 }}} 198 198 199 10. Create a new Java Key Store for Tomcat containing the new key/cert for securing the back channel. You will need the !ImportKey Java utility for importing a pre-existing cert/key into a Java Key Store. You can get it from: [[ImportKeyUtil|Import Key Utility]].199 10. Create a new Java Key Store for Tomcat containing the new key/cert for securing the back channel. You will need the !ImportKey Java utility for importing a pre-existing cert/key into a Java Key Store. You will also need the !InCommon intermediary cert, and the !AddTrust Root CA cert for this process. See [[=#ImportKeyUtil|'''Import Key Util''']], [!InCommon], and [!AddTrust] for more. 200 200 {{{ 201 201 -bash-3.2$ openssl pkcs8 -topk8 -nocrypt -in idp.new.key -out idp.new.key.der -outform der … … 233 233 234 234 12. Test config changes according to [[https://iam.alaska.edu/shib/wiki/TestIdPConfig|Test IdP Config Change]] procedure. 235 236 References: 237 * [=#ImportKeyUtil][[ImportKeyUtil|Import Key Utility]] 238 * [[https://www.incommon.org/cert/repository/AddTrustExternalCARoot.txt|AddTrust External CA Root]] 239 * [[https://www.incommon.org/cert/repository/InCommonServerCA.txt|InCommon Server CA]]
