10-12-2018 08:16 AM
If I want to install my own "3rd Party" certificate for the Web Management Console (aka "the Modern UI"), the documentation at https://www.veritas.com/support/en_US/doc/21733320-132525226-0/v133148073-132525226 says I need to generate a Java Keystore file and a "keystore password file".
The Java Keystore isn't a big deal, Oracle's documentation on how to create a keystore, give it a password, and store a certificate in it is good enough. But I can't find anything that leads me to believe that a "keystore password file" is than the figment of the imaginations of several people at Veritas.
Who else has installed a third party certificate for the 8.1.2 modern web UI? And how did you create the keystore password file?
10-14-2018 09:50 PM
Am I correct in assuming that your question relates to steps 2 and 3 shown below and the fact that, unless you're specifically familiar with these concepts, "Convert the third-party certificate" & "Create a keystore password file" are not tasks that you can easily perform on your master server unless you know anything about security and certificates?
10-15-2018 06:05 AM
Yes, that's what I'm asking. And while it's not somehting I do every day, I'm not a complete noob when it comes to PKI and SSL certificates. I just don't deal with Java development, so a Keystore is new to me.
I can do a CSR and get a cert from my local Windows CA, but seriously, try a Google search of "Keystore Password file" there are no relevent search results.
10-15-2018 08:39 AM
Well I am a noob in this domain. My point being that the documentation should be a bit more helpful and not assume that everybody knows everything about everything.
10-15-2018 10:04 AM
I agree with you completely about the documentation.
10-15-2018 01:47 PM
Just to chime in, last week I was reading the Administrator Guide I and on less than 2 hours I noticed 3 errors that confused me. Ended up wasting lot more time trying to verify that the problem was not my understanding but the documentation itself. The quality of documentation definitely needs to improve for NetBackup.
10-15-2018 02:20 PM - edited 10-15-2018 02:20 PM
A couple of weeks ago, at Microsoft Ignite, I happened to meet a Senior Product Manager from Veritas, and when asked about what I thought could be improved about NBU, documentation was one of my key points.
But I'd still really like an answer to my original question.
10-25-2018 04:38 AM
Did you find a solution for creating a password file?
10-25-2018 05:53 AM
Nope, I haven't found a solution on my own. If I happen to find something, or am provided a solution outside of this forum, I'll post it here.
11-04-2018 09:43 AM
The keystore password file is just a file containing the password to access JAVA keystore file. It could be any name or extension
For Example:
To import the CA certificate I would use the below keytool
keytool -importcert -noprompt -trustcacerts -file certificate.crt -keystore test.jks -storepass password2 -alias testCA
So my password file would be any file which contains the text as - "password2" in it (without quotes)
Let me know if you face any issues or need any help with any commands while trying to setup the 3rd party certificates and I can try to help you out