Key Store Management

This section describes how to generate the key pair and the certificate signing request.

Note: In this section, iWay Software is used as an example for demonstration purposes. You must use the appropriate information that corresponds to your company or organization.

Generating the Key Pair

Use the following command to generate the key pair:

D:\certificate>keytool -genkey -v -alias iwaysoftware -validity 365 -keyalg RSA -keypass iwaysoft -keystore iway.jks -storepass iwaysoft
What is your first and last name?
   [Unknown]:  www.iwaysoft.com 
What is the name of your organizational unit?
   [Unknown]:  iwaysoft 
What is the name of your organization?
   [Unknown]:  iwaysoft 
What is the name of your City or Locality?
   [Unknown]:  New York 
What is the name of your State or Province?
   [Unknown]:  New York 
What is the two-letter country code for this unit?
   [Unknown]:  US 
Is CN=www.iwaysoft.com, OU=iwaysoft, O=iwaysoft, L=New York, ST=New York, C=US correct?
   [no]:  yes 

Generating the Certificate Signing Request

Use the following command to generate the certificate signing request:

D:\certificate>keytool -certreq -alias iwaysoftware -file iwaysoft -keystore iway.jks -storepass iwaysoft

Purchasing the Commercial Certificate From VeriSign or a Similar Certificate Authority

You must purchase the commercial certificate from VeriSign or a similar Certificate Authority (CA).

The following is a link to the VeriSign website that you can use:

http://www.verisign.com/ssl/buy-ssl-certificates/index.html

Note: For a list of approved Certificate Authorities, it is recommended that you check with Salesforce.

Importing the Root Certificate and Intermediate Certificate

Once you receive the mail that contains the signed commercial certificate, use the following command to import the root certificate:

D:\certificate>keytool -import -trustcacerts -alias verisign_root_ca -file verisign_trial_root.cer -keystore iway.jks -storepass iwaysoft

When prompted regarding trust, enter Yes. Then import the intermediate certificate using the following command:

D:\certificate>keytool -import -trustcacerts -alias verisign_intermediate_ca -file verisign_trial_intermediate_ca.cer -keystore iway.jks -storepass iwaysoft

Importing the Signed Certificate

Copy the signed certificate from the mail and paste it into a new empty file that has a .CER extension. Then import the signed certificate using the following command, making sure that the alias is the same as the one that was used during key generation:

D:\certificate>keytool -import -alias iwaysoftware -file iwaysoft.cer -keystore iway.jks -storepass iwaysoft
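
The alias requirement above can be checked after the import. The following Python sketch is an added example, not part of the original iWay documentation: it parses the text printed by keytool -list -v -keystore iway.jks and reports whether the iwaysoftware key entry still holds its self-signed certificate, which is what happens when the signed certificate is imported under a different alias. The listings are constructed, English keytool output is assumed, and mykey (the alias keytool uses when none is given) stands in for the wrong alias.

```python
import re

def parse_entries(text):
    """Map alias -> entry type and [(owner, issuer), ...] from `keytool -list -v` text."""
    entries = {}
    for block in re.split(r"(?m)^Alias name: ", text)[1:]:
        etype = re.search(r"(?m)^Entry type: (\S+)", block)
        pairs = zip(*(re.findall(rf"(?m)^{k}: (.*)$", block) for k in ("Owner", "Issuer")))
        entries[block.splitlines()[0].strip()] = {
            "type": etype.group(1) if etype else None, "chain": list(pairs)}
    return entries

def check_key_entry(text, alias):
    """Return problems for the key alias; an empty list means the CA reply is installed."""
    entries = parse_entries(text)
    entry = entries.get(alias)
    if entry is None or entry["type"] != "PrivateKeyEntry" or not entry["chain"]:
        return [f"{alias}: no private key entry with a certificate"]
    leaf_owner, leaf_issuer = entry["chain"][0]
    problems = []
    if leaf_owner == leaf_issuer:
        problems.append(f"{alias}: certificate is still self-signed")
    for name, other in entries.items():  # reply imported under a different alias?
        if (name != alias and other["type"] == "trustedCertEntry"
                and other["chain"] and other["chain"][0][0] == leaf_owner):
            problems.append(f"{name}: signed certificate stored as a trusted entry")
    return problems

# Constructed listings (not from the page), trimmed to the lines parsed; CA names are placeholders.
SUBJECT = "CN=www.iwaysoft.com, OU=iwaysoft, O=iwaysoft, L=New York, ST=New York, C=US"
GOOD = f"""Alias name: iwaysoftware
Entry type: PrivateKeyEntry
Certificate chain length: 3
Owner: {SUBJECT}
Issuer: CN=Example Intermediate CA
Owner: CN=Example Intermediate CA
Issuer: CN=Example Root CA
Owner: CN=Example Root CA
Issuer: CN=Example Root CA
"""
WRONG_ALIAS = f"""Alias name: iwaysoftware
Entry type: PrivateKeyEntry
Certificate chain length: 1
Owner: {SUBJECT}
Issuer: {SUBJECT}
Alias name: mykey
Entry type: trustedCertEntry
Owner: {SUBJECT}
Issuer: CN=Example Intermediate CA
"""
```

To use it on a real keystore, save the output of keytool -list -v to a file and pass its contents to check_key_entry with the alias iwaysoftware.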
