In order to swith to your own certificate:
- You have to have a JKS (java key store) file containing your own certificate and a password matching.
- You have to know the certificate alias name inside the JKS file(use OpenSSL or Keystore Explorer to look up the value).
- You have to have the friendly name that you defined, when you created the TU account.
1. Place you own certificate file (the jks file) in the folder <tuexample-source>\src\main\resources
2. Change property values inside the pom.xml (placed in root folder)
- Change the value of the property 'nemid.applet.parameter.signing.keystore' to the new JKS file.
- Change the value of the property 'nemid.applet.parameter.signing.keystore.alias' to the alias name of your own certificate. Change the value of the property 'nemid.pidservice.serviceproviderid' to your own SPID value.
- Change the value of the property 'nemid.applet.parameter.signing.keystore.password' to your own password. You have to encrypt your own password using the Java class EncryptionHelper contained within the tuexample-source.
- Copy the encrypted password to the value of the property 'nemid.applet.parameter.signing.keystore.keypassword' as well.
4. Switch configuration of the PID Service to use own certificate.
The pid service configuration file is: tuexample-source\src\main\resources\pidclientsecurity.xml
- Switch the value of the keyManager password to your own password in plain text - not encrypted: <sec:keyManagers keyPassword="Test1234">
- Switch the value of the JKS password to your own password in plain text - not encrypted: <sec:keyStore type="JKS" password="Test1234" ... />
- Swith the value of the JKS resource to you own JKS file: <sec:keyStore type="JKS" ... resource="wsclientkeystore.jks"/>
5. After switching all configuration you have to rebuild the project and run the application, with maven.
Run the command 'maven clean install jetty:run' and verify that everything works as excepted.
The webapplication url is: http://localhost:8085/tuexample/