Importing a certificate for HTTPS uploads
The Transport Service can only perform HTTPS uploads (necessary for HTTPS transport) if it can find a certificate that permits it to access the destination. If no such certificate is available, transport will fail.
To perform this import, you can use either a command-line tool called keytool, or the GUI-based Policy Tool. Both are shipped with the Java Development Kit. The following Web resources explain how to use these tools:
- http://download.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html
- http://download.oracle.com/javase/6/docs/technotes/tools/windows/policytool.html
Using these tools, import the certificate in one of the following ways:
- Import into default CACERTS keystore
-
Your Java Runtime Environment (JRE) ships with a default password-protected keystore known as the CACERTS keystore. By default, the password for this keystore is
keystore. To import your certificate into this keystore, execute the following command from the command prompt:keytool -import -file mycertificate.cer -keystore c:\path\to\jre\lib\security\CACERTSwhere mycertificate.cer is your certificate file, and c:\path\to\ is the path to your JRE.
- Import into a custom keystore
-
You can also create a custom keystore with a custom password by executing the following command from the command prompt:
keytool -import -file mycertificate.cer -keystore c:\mydir\myks.keystorewhere mycertificate.cer is your certificate file, and c:\mydir\myks.keystore is the full path and filename to the keystore file you want to create. Keytool prompts you for a password to secure this new keystore with.
If you use this custom keystore, you must configure it in the Transport Service configuration file, cd_transport_conf.xml, by inserting a
KeyStoreelement inside theSenderelement with itsTypeattribute set toHTTPS, as follows:<Sender Type="HTTPS" Class="com.tridion.transport.connection.connectors.HTTPSTransportConnector"> <KeyStore Path="c:\mydir\myks.keystore" Secret="mypassword" /> </Sender>where c:\mydir\myks.keystore is the full path and filename to the keystore file you created, and
mypasswordis the password you used to secure the keystore with.