IdP SSL Certificate Renewal
Cantor, Scott
cantor.2 at osu.edu
Wed Apr 17 19:32:44 EDT 2019
Certs are effectively free anyway, so any time you need them, just get new ones. The "cost" of losing the private key for a TLS config now is zero. It's very unlike the old days.
There are no specific answers to your questions. Keys and certificates for Java web servers can be anywhere, and in JKS keystores, PKCS12 files, or other formats. That's a local question.
It is, essentially, irrelevant. Start over, build a Jetty (or Tomcat) deployment you can support, and put the credentials where you want them, in the format you want them. I use PKCS12 files in a credentials directory underneath the jetty-base directory tree.
-- Scott
More information about the users
mailing list