How do I change SSL Certificate encryption to 2048 for WebTop 2.2?
Please backup existing TIP / Webtop server before perform below steps.
Using iKeyman (<TIPHOME>/bin/ikeyman.sh) to create "Personal Certificate Request" and use PKCS12 (*.p12) as database type then added to TIP / Webtop server.
By Using the existing keystone as example:
Open an existing keystore database (look for key.p12) located in <TIPHOME>profiles/TIPProfile/config/cells/TIPCell/nodes/TIPNode (Password: WebAS)
1) Create a new key store database (PCKS12)
2) Generate the 2048 certificate request by click on drop down and select "Personal Certificate Request"
3) Click New... and input require information
4) Send requested certificate file to CA signer
5) When the certificate is returned by the CA signer, import it into the key database you created in step 1.
6) Add the certificate in TIP.
To add the 2048 certificate in TIP, do the following:
1) Login to TIP as the primary administrative user (usually "tipadmin")
2) Navigate to: Security > SSL certificate and key management, and then click on Key stores and certificates, and then NodeDefaultKeyStore
3) Click on Personal Certificates and click on Import
4) In the "Key file name" field enter the fully qualified path to keystore file that contains the certificate to import.
5) Select the correct key file type for the key database file you created in the ikeyman utility.
6) Click the "Get key file aliases" button to retrieve the list of certificate aliases in the key file.
7) Select the correct certificate alias to import.
8) Click "Apply" and then the "Save" link
9) On the "Personal certificates" page, click on the check box next to the "default" certificate, and then click the "Replace" button.
10) Look for the new certificate in the "Replace with" list. Select the new certificate, and then click the "Delete old certificate after replacement" and the "Delete old signers" options, and then click "Apply" and "Save"
11) Restart the TIP server process. The new 2048 certificate should be in place.