Changing the adminweb key and certificate #269
-
|
I've just installed the Docker version of EJBCA and currently fumbling my way around moving my old CLI-based openssl home CA to this UI. Can't for the life of me figure out the "correct" way to change the actual webserver certificate presented by adminweb and RA GUI, though. Currently they're using the default ManagementCA 'container quickstart' certificate, and I'd like to switch it out for a cert that's trusted by my browsers! How do I change the web cert for adminweb and RA GUI? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
|
You can do if by volume mounting and overriding things in /opt/wildfly/standalone/configuration/keystore, but the recomnended way to expose the service externally is through in ingress, like "Using the container behind a proxy" in https://hub.docker.com/r/keyfactor/ejbca-ce |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the response. Just getting a chance to look at this again now that the weekend's approaching. Adding a proxy is doable, but somewhat overkill for my home network. How do I determine the keystore password? |
Beta Was this translation helpful? Give feedback.
-
|
The WIldFly installation is /opt/wildfly in the container. /opt/wildfly/standalone/configuration/standalone.xml holds the TLS configuration of WildFly. |
Beta Was this translation helpful? Give feedback.
-
|
Fantastic, I was able to get the store password from there and access the cert list. Hopefully that's enough for me to re-create with my signed certs when I get some spare time. Cheers! |
Beta Was this translation helpful? Give feedback.
The WIldFly installation is /opt/wildfly in the container. /opt/wildfly/standalone/configuration/standalone.xml holds the TLS configuration of WildFly.