Josh
Reputation: 513
TLS and Oracle API for MongoDB
I'm using the Oracle API for MongoDB with Oracle REST Data Services as described here: https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/24.3/ordig/oracle-api-mongodb-support.html
By default, this installation uses a self-signed certificate that expires after a couple weeks. I'd like to avoid this expiration and avoid the "self signed certificate" warning from my Java client.
Upvotes: 0
Views: 73
Answers (1)
Josh
Reputation: 513
Here are the steps for generating and signing your own certificate.
openssl genpkey -algorithm RSA -out private.key -pkeyopt rsa_keygen_bits:2048
openssl req -new -key private.key -out csr.csr
openssl x509 -req -in csr.csr -signkey private.key -out certificate.crt -days 365
Then, in ORDS settings config/global/settings.xml add these lines:
<entry key="standalone.https.cert">/path/to/certificate.crt/</entry>
<entry key="standalone.https.cert.key">/path/to/private.key/</entry>
Create a truststore for your Java client:
keytool -keystore truststore.jks -alias test -import -file certificate.crt
Set these Java properties when you start the application
-Djavax.net.ssl.trustStorePassword=passwordHere
-Djavax.net.ssl.trustStore=/path/to/truststore.jks
Upvotes: 1
Related Questions
- How do I avoid checking for nulls in Java?
- What is reflection and why is it useful?
- Proper use cases for Android UserManager.isUserAGoat()?
- What are the differences between a HashMap and a Hashtable in Java?
- How do I declare and initialize an array in Java?
- What is the difference between public, protected, package-private and private in Java?
- What is a serialVersionUID and why should I use it?
- Why is char[] preferred over String for passwords?
- What is JSONP, and why was it created?
- Is there any standard for JSON API response format?