The SSL certificate that is provided with the server during installation is a sample certificate only. To use SSL for communicating with your MySQL Enterprise Service Manager and MySQL Enterprise Monitor User Interface, replace the supplied certificate with your own certificate.
The certificate keystore is located in the
apache-tomcat/conf/myKeystore file within
your MySQL Enterprise Service Manager installation.
To create a new self-signed certificate, use the keytool command (provided with Java SE Security) to create a new certificate file:
shell> keytool -genkey -alias tomcat -keyalg RSA -validity 1825 -keystore newKeystore
You will be prompted to fill in the certificate information and to provide a unique password for the certificate.
-validity specifies the length of the
certificate created, specified in days. The
-alias is required to ensure that the
certificate is associated with
Once you have created the new keystore, shut down MySQL Enterprise Service Manager,
copy the new keystore file to
apache-tomcat/conf/myKeystore, and restart
MySQL Enterprise Service Manager.
If you have an existing certificate that you would like to import into your keystore, you need to import the certificate using the following command:
shell> keytool -import -alias tomcat -keystore newKeystore -file public.pem
For more information on using SSL certificates in Tomcat see Apache Tomcat 6.0: SSL Configuration HOW-TO.