Server certificates use the Java javax.net.ssl.keyStore system property. This can be specified using the -D Java virtual machine option or the -java-prop Web Interface Server command line option.
java -Djavax.net.ssl.keyStore=keystore.jks -Djavax.net.ssl.keyStorePassword=123456 -jar xds-server.jar -ssl or: java -jar xds-server.jar -java-prop javax.net.ssl.keyStore keystore.jks -java-prop javax.net.ssl.keyStorePassword 123456 -ssl
Clients can include certificates using the Java javax.net.ssl.trustStore system property.
java -Djavax.net.ssl.trustStore=keystore.jks -Djavax.net.ssl.trustStorePassword=123456 -jar xds-client.jar -xds-ssl -d sample.fo -o output.pdf or: java -jar xds-client.jar -xds-java-prop javax.net.ssl.trustStore keystore.jks -xds-java-prop javax.net.ssl.trustStorePassword 123456 -xds-ssl -d sample.fo -o output.pdf
Here is an example using a self signed certificate in order to test the SSL functionality. The keytool application ships with the Java Development Kit. An example key is included in the samples directory (keystore-for-testing-dont-use-in-production.jks).
CAUTION: | This self signed certificate should only use for testing. Don't use in production. |
---|
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass 123456 -validity 360 -keysize 2048
java -Djavax.net.ssl.keyStore=keystore.jks -Djavax.net.ssl.keyStorePassword=123456 -jar xds-server.jar -ssl
java -Djavax.net.ssl.trustStore=keystore.jks -Djavax.net.ssl.trustStorePassword=123456 -jar xds-client.jar -xds-ssl -d sample.fo -o output.pdf
SSL debugging can be enabled by setting the javax.net.debug property to ssl.