Introduction:
In this post, we will learn how to create a self-signed certificate and configure it with Liferay Portal. Here are the key points of the entire process.
Step 1: Create the Keystore
Open the command prompt and execute the below command to generate Keystore
keytool -genkey -alias tomcat -keyalg RSA -keystore keystoreIt will ask a series of questions. Answer those questions and after answering all those questions the Keystore file will be generated. Refer to the below screenshot.
Step 2: Export Certificate
We have the Keystore ready. Now it’s time to export it. To do so execute the below command
keytool -export -alias tomcat -keypass changeit -file server.crt -keystore keystoreRefer to the below screenshot.
Step 3: Import the certificate into the JDK’s default trust store file (CACERT)
For this execute the below command. Prepare the command as per your JDK path.
keytool -import -alias tomcat -file server.crt -keypass changeit -keystore "D:/Software/Zip-Extract-Installed-Softwares/zulu8.62.0.19-ca-jdk8.0.332-win_x64/jre/lib/security/cacerts"
Step 4: Update portal-ext.properties
Update the server protocol in portal-ext.properties
web.server.protocol=httpsStep 5: Update the server.xml file
Path : ${liferay-home-directory}\liferay-dxp-7.4.13-ga1\tomcat-9.0.53\conf\server.xml
Update the server.xml file with the below content
<Connector
protocol="org.apache.coyote.http11.Http11NioProtocol"
port="8443"
maxThreads="200"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile="${user.home}/keystore" keystorePass="changeit"
clientAuth="false"
sslProtocol="TLS"/>