Hello,
we need to replace native certificates related to the following ports with ones created by our enterprise certification authority:
20390, 20411, 20404, 22002, 20443,20394, 20396, 20391, 20404.
I read the following documentation, suggested in another request:
Replace Native Certificates with SHA-2 Signed SSL CertificatesWe already have a certificate pfx file generated by our enterprise certification authority with the servername.subdomain.domain as CN, privatekey and the certificate chain from our certification authority.
Which are the requirements to create the pem certificates and keys? Could we use openssl with pkcs12 parameter?
Do we need to have a certificate with the same CN (eta_server, eta_client, provisioning services, etc..) of we can use a different name, for example the servername as CN?
Can eta_client and eta_server certificates be the same one?
Do we need to delete and import the certificates in java (connector/provisioning/im) keystores with the same alias or we can add new certificates with different alias?
Thanks.