Versions Compared

Old Version 6

changes.mady.by.user Tracy McCurdy

Saved on

compared with

New Version Current

changes.mady.by.user Tracy McCurdy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


The information on this page refers to License Statistics v6.14 or newer, which introduced the ability to use the License Statistics Manager to create a keystore. If you are running an older version of License Statistics, see documentation for previous versions

License Statistics accepts PKCS12 and JKS keystores. In this article we describe how to put your certificates into PKCS12 keystore. If  If you already have PKCS12 or JKS keystore with a loaded certificate and its key, then you don't need to do anything more.

In this article we describe how to put your certificates into PKCS12 keystore manually. If you are running License Statistics on Windows, you can more easily create a keystore using the License Statistics Manager to guide the process.

To generate a keystore, you will need one of the toolkits for SSL/TLS protocol. You can use any of them; in our examples, we are using openssl [1].

...

  • In every case, you will be prompted for a password. This password should be put under SSL_KEYSTORE_PASSWORD in the xflicstat.cfg file, or for Windows, under the LDAP configuration section of the License Statistics Manager.
  • The {path_to_created_keystore_file} value should be the path that you put under SSL_KEYSTORE key in the xflicstat.cfg file, or for Windows, under the LDAP configuration section of the License Statistics Manager.
  • The {certificate_alias} value should be the name that you put under SSL_KEYSTORE_KEY_ALIAS key in the xflicstat.cfg file, or for Windows, under the LDAP configuration section of the License Statistics Manager.
  • If you are migrating from 5v5.x settings, the {certificate_file_path} value is the path to the previously used certificate, defined as SSL_CERTIFICATE_FILE in your old xflicstat.cfg file.
  • If you are migrating from 5v5.x settings, the {key_file_path} value is the path to the previously used certificate key, defined as SSL_CERTIFICATE_KEY_FILE in your old xflicstat.cfg file.

  • On Windows, you may get an "openssl unable to write 'random state'" error. This error occurs when openssl cannot access the "C:\.rnd" file. You can either gain acces access to the file or change the value of RANDFILE (the environmental variable that stores the path to the .rnd file). RANDFILE should contain the path to the file that you have access to. If you are using Powershell, the setting can be changed by entering the following:

    Code Block
    languagepowershell
    $env:RANDFILE="C:\directory_i_own\.rnd"


...