Switch to own certificate

 

Preconditions

To switch to your own certificate:

  • You need a JKS (Java KeyStore) file containing your own certificate, and the matching password.
  • You need to know the certificate alias name inside the JKS file (use OpenSSL or Keystore Explorer to look up the value).
  • You need the friendly name that you defined when you created the TU account.
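
A pre-flight check for the preconditions above, as an added example that is not part of the tuexample source: it opens the JKS file, confirms that the alias holds a private key which unlocks with the keystore password, and prints the certificate's validity. The class name JksPreflight and its command-line arguments are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added example; the class name JksPreflight is hypothetical.
public class JksPreflight {
    public static void main(String[] args) throws Exception {
        if (args.length != 2 || System.console() == null)
            fail(2, "usage (interactive terminal): java JksPreflight <file.jks> <alias>");
        // Prompt for the password so it stays out of shell history and process lists.
        char[] password = System.console().readPassword("Keystore password: ");
        if (password == null) fail(2, "No password entered.");
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, password); // IOException here means wrong password or corrupt file
        }
        String alias = args[1];
        if (!ks.containsAlias(alias))
            fail(1, "Alias not found. Aliases in file: " + Collections.list(ks.aliases()));
        if (!ks.isKeyEntry(alias))
            fail(1, "Alias holds only a trusted certificate, no private key to sign with.");
        try {
            // The walkthrough sets keystore.password and keystore.keypassword to the
            // same value, so the key must open with the keystore password.
            ks.getKey(alias, password);
        } catch (UnrecoverableKeyException e) {
            fail(1, "Private key password differs from the keystore password.");
        }
        Certificate cert = ks.getCertificate(alias);
        if (cert instanceof X509Certificate) {
            X509Certificate x509 = (X509Certificate) cert;
            x509.checkValidity(); // throws if expired or not yet valid
            System.out.println("Subject:     " + x509.getSubjectX500Principal().getName());
            System.out.println("Valid until: " + x509.getNotAfter());
        }
        System.out.println("OK: alias and password can go into pom.xml");
    }

    private static void fail(int code, String message) {
        System.err.println(message);
        System.exit(code);
    }
}
```

On Java 11 or later it can be run directly from source with `java JksPreflight.java <file.jks> <alias>`.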

 

Walkthrough  

 
1. Place your own certificate file (the JKS file) in the folder <tuexample-source>\src\main\resources

 

2. Change property values inside the pom.xml (located in the root folder)

  • Change the value of the property 'nemid.applet.parameter.signing.keystore' to the new JKS file.
  • Change the value of the property 'nemid.applet.parameter.signing.keystore.alias' to the alias name of your own certificate.
  • Change the value of the property 'nemid.pidservice.serviceproviderid' to your own SPID value.
  • Change the value of the property 'nemid.serviceprovider.logonto' to your own friendly name for the login box (the JavaScript client login box).
  • Change the value of the property 'nemid.applet.parameter.signing.keystore.password' to your own password. You have to encrypt your own password using the Java class EncryptionHelper contained within the tuexample-source.
  • Copy the encrypted password to the value of the property 'nemid.applet.parameter.signing.keystore.keypassword' as well.

 

4. Switch the configuration of the PID service to use your own certificate.

The PID service configuration file is: tuexample-source\src\main\resources\pidclientsecurity.xml

  • Switch the value of the keyManager password to your own password in plain text - not encrypted: <sec:keyManagers keyPassword="Test1234">
  • Switch the value of the JKS password to your own password in plain text - not encrypted: <sec:keyStore type="JKS" password="Test1234" ... />
  • Switch the value of the JKS resource to your own JKS file: <sec:keyStore type="JKS" ... resource="wsclientkeystore.jks"/>

  

5. After switching all configuration, rebuild the project and run the application with Maven.

Run the command 'mvn clean install jetty:run' and verify that everything works as expected.

The web application URL is: http://localhost:8085/tuexample/