|
1
|
Initializing service for directory directory.xml...
|
|
2
|
Reading company configuration...
|
|
3
|
Using 'US' for [C] Country Code.
|
|
4
|
Using 'Alpharetta' for [L] Locality (city, etc).
|
|
5
|
Using 'GoldenCode' for [O] Organization.
|
|
6
|
Using 'Hotel' for [OU] Organization Unit.
|
|
7
|
Using 'GA' for [ST] State or Province Name.
|
|
8
|
Using 10 years for validity.
|
|
9
|
Enter RSA key strength (in bits), greater or equal than 2048 (blank for default 2048):
|
|
10
|
Enter RSA public exponent, blank for default (65337):
|
|
11
|
Adding account /security/accounts/processes/standard
|
|
12
|
Adding account /security/accounts/processes/ehotel
|
|
13
|
Adding account /security/accounts/processes/embedded
|
|
14
|
Adding account /security/accounts/users/bogus
|
|
15
|
WARNING: alias shared is set for multiple accounts!
|
|
16
|
Account /security/accounts/users/hotel ignored - no alias is defined
|
|
17
|
Account /security/accounts/users/858vnbwl4yc3695o ignored - no alias is defined
|
|
18
|
Account /security/accounts/users/5m31ku2l7367zylt ignored - no alias is defined
|
|
19
|
Account /security/accounts/users/r45i3pmd7pw8y671 ignored - no alias is defined
|
|
20
|
Account /security/accounts/users/03w9tz112f4tfz4c ignored - no alias is defined
|
|
21
|
Account /security/accounts/users/uys3w4132plb6z92 ignored - no alias is defined
|
|
22
|
Account /security/accounts/users/4l3f3iq3212olrq4 ignored - no alias is defined
|
|
23
|
Account /security/accounts/users/46jux6n31gp76s2d ignored - no alias is defined
|
|
24
|
Account /security/accounts/users/790d600rxp0zw1ut ignored - no alias is defined
|
|
25
|
Generating root CA using [hotel-root] alias...
|
|
26
|
Generating certificate for account with alias [ehotel]...
|
|
27
|
Generating certificate for account with alias [embedded]...
|
|
28
|
Generating certificate for account with alias [shared]...
|
|
29
|
Generating certificate for server with alias [standard]...
|
|
30
|
Encrypt the in-directory private keys using the same password (yes/no): no
|
|
31
|
Private key for root CA [hotel-root] was encrypted using the [^u0mrGn)o2X5nor109+KAvt&teTCn2v7] password and the password was NOT SAVED in the directory. Losing this password will prohibit using the root CA to issue new certificates.
|
|
32
|
Adding certificate for alias [hotel-root] to the /security/certificates/cas/hotel-root node...
|
|
33
|
Private key for alias [ehotel] was encrypted using the [KmO`8b3K5dwAN>2w4D4^>61Cplojjtjw] password and saved in the /security/certificates/private-keys/ehotel node.
|
|
34
|
Use the access:password:keyentry-ehotel key to set this password in the server's bootstrap config file and delete the /security/certificates/private-keys/ehotel node from the directory.
|
|
35
|
Private key for alias [embedded] was encrypted using the [09Ed64TfKyPHw(>QVI4zhMUfX5yS)$95] password and saved in the /security/certificates/private-keys/embedded node.
|
|
36
|
Use the access:password:keyentry-embedded key to set this password in the server's bootstrap config file and delete the /security/certificates/private-keys/embedded node from the directory.
|
|
37
|
Private key for alias [shared] was encrypted using the [mzDoMKiU@3B40EgbHEu^4d~W5Z~09Xv5] password and saved in the /security/certificates/private-keys/shared node.
|
|
38
|
Use the access:password:keyentry-shared key to set this password in the server's bootstrap config file and delete the /security/certificates/private-keys/shared node from the directory.
|
|
39
|
Private key for alias [standard] was encrypted using the [Xhqv5d42WNugrJ`^k@6_m4wjyk1jW3g5] password and saved in the /security/certificates/private-keys/standard node.
|
|
40
|
Use the access:password:keyentry-standard key to set this password in the server's bootstrap config file and delete the /security/certificates/private-keys/standard node from the directory.
|
|
41
|
Adding certificate for alias [ehotel] to the /security/certificates/peers/ehotel node...
|
|
42
|
Adding certificate for alias [embedded] to the /security/certificates/peers/embedded node...
|
|
43
|
Adding certificate for alias [shared] to the /security/certificates/peers/shared node...
|
|
44
|
Adding certificate for alias [standard] to the /security/certificates/peers/standard node...
|
|
45
|
Save the account private keys in external key-store(s) (yes/no): yes
|
|
46
|
Save the private keys in the same key store (yes/no): no
|
|
47
|
The private key for certificate [ehotel] was saved in the [ehotel-private-key.store] key store, using store password [Ks70hcwSAU01#YmL*_LTz7LH0SUKKl5K2!yb] and key-entry password [N^ysi27>gYGySg#1NN>rTdF002ANiG6R9Rvz].
|
|
48
|
The private key for certificate [embedded] was saved in the [embedded-private-key.store] key store, using store password [87ViGTQVp<07zPw(3i2A4%uCHYx3mIgSt>Tk] and key-entry password [h8jNMO>Vbn0`cL)b95dVn$w03CePIB6eItL3].
|
|
49
|
The private key for certificate [shared] was saved in the [shared-private-key.store] key store, using store password [6UizSiDqbJ0rA~@9Sm7Zznv1La`6z1QY)5wz] and key-entry password [jzHEbVpd17m4~dkV800zsoyW#qm8<oE&y4Qp].
|
|
50
|
Save the server private keys in external key-store(s) (yes/no): yes
|
|
51
|
Save the private keys in the same key store (yes/no): no
|
|
52
|
The private key for certificate [standard] was saved in the [standard-private-key.store] key store, using store password [`Zl42y+<YPkvT5NnkOb_U33XCBbJow0D6UP6] and key-entry password [Ok3@xpmweSrZh_v3g4gkmZ&jg339edN%g00N].
|
|
53
|
Save servers' certificates in an external key store (yes/no): yes
|
|
54
|
Include the root CA certificate, to use this store as a trust store (yes/no)? yes
|
|
55
|
Enter key store file name: srv-certs.store
|
|
56
|
The servers' certificates [standard] were saved in the [srv-certs.store] key store, using password [y8vs3#AD4MzcIQWOW$h76k8avf`~BBAy21Jo].
|
|
57
|
Save the root CA private key in an external key store (yes/no): yes
|
|
58
|
Enter key store file name: root-ca-pk.store
|
|
59
|
The root CA's private key and certificate were saved in the [root-ca-pk.store] store.
|
|
60
|
The key store was encrypted using the [1A*aXAtj4q2aCZ!SokU6t8On)J8>4HxcD5cv] password, while the root CA's private key was encrypted using the [Msyb0N+Oy2ZT(Jo3KGkY72$Mfn&5VL0Mzh3T] password.
|
|
61
|
Done.
|
|
62
|
WARNING! Any configuration set at the client.xml or server.xml files or via bootstrap config arguments will have priority over the in-directory keys or certificates.
|
|
63
|
WARNING! The private key encryption passwords for all the account certificates are saved unencrypted in the directory. The root CA's private key can be safely deleted, if it is not required to issue other certificates using this CA.
|