hisnero.blogg.se - Keystore explorer command line

Keystore explorer command line install#
Keystore explorer command line password#

► For connection to a global catalog server: ldaps://server FQDN:3289 ► For connection to a domain controller: ldaps://server FQDN:636

Notes: The SSL Host name should match the one defined in eDiscovery property e sa.nnectionURL and the SSL Port should match the one defined at the end of the eDiscovery property For SSL Port, enter the port used to connect to the domain controller or global catalog server. For SSL Host, enter the FQDN of the domain controller or global catalog server.ī.

With the keystore file open, go to Examine > Examine SSL to query the domain controller or global catalog server used for LDAPs authentication for its associated certificate(s).Ī.

Keystore explorer command line password#

This password must match the unencrypted password used in the eDiscovery property You will be prompted for the keystore password.

Run Keystore Explorer and open the cacerts keystore in the working directory.

These files can be found in the C:\jdk-8u#-windows-圆4\jre\lib\security folder.Įnsure you copy these from the JDK folder of the Java version currently in use by eDiscovery. Note: In eDiscovery version 10.0 and above, also copy a known-good cacerts.bcfks file.

Copy a known-good cacerts keystore file to both the backup and working directories created in step 3.

In this article, the folders are D:\LDAPs Temp\Cacerts Backup\ and D:\LDAPs Temp\Work Folder.

Create two subdirectories, one for backup copies of the keystore files and the other for keystore file modification.

Create a directory to contain the certificate keystores that will be modified.

Keystore explorer command line install#

Download and install KeyStore Exploreron the eDiscovery primary server following the defaults.

This article provides a method to streamline that process and take out some of the guesswork using an open source tool called KeyStore Explorer. This process can be daunting if done using the keytool command line interface with certificates provided in various formats and naming conventions.

Setting up secure LDAP (LDAPs) authentication for eDiscovery requires importing a valid certificate or certificate chain into the Java keystore file(s).