Closed syats closed 2 years ago
@syats you will have to put the p12 file in jks format on the server that you are running it. So at first you will have to convert it to jks format and then place it in the following mentioned path.
Thanks,
So I understand correctly that the certificate used for DAPS is the same one used for TLS termination by the reverse proxy? We will try the solution and update issue accordingly, thanks.
Hello @syats, that's a very good point you raise. Generally speaking, and I am repeating the experts here, the IDS Identity Certificate (which is used for the DAPS) should not be used for the TLS encryption. The IDS Identity Certificate is harder to replace in case the private part gets lost (I think that was the explanation).
@sebbader @syats Closing this issue for now, let us know if you need more information on this further.
Hi all,
I have a question regarding the open-core broker. If I have my own p12 certificates to use with DAPS, where should I place these? Also related, how do I configure the client-name for my broker?
In particular I have:
central-core
And I get this in the logs:
I believe my p12 is not properly being recognized.
Any advise will be appreciated.