Home

Adding certificates into Unravel Truststore

The following certificate formats are supported:

  • PEM (.pem)

  • JKS (.jks)

  • PKCS12 (pkcs12, .p12, .pfx)

All the certificates are stored in data/certificates by default.

You must add the certificate to the Truststore and then enable the Truststore.

Adding certificate to the Truststore

Multiple certificates can be passed through trust add command, and it can also be called multiple times. All the calls will add the certificates to the trust store. By default, the store is located at data/certificates/trusted_certs.pem and trusted_certs.pkcs12

In case the chain of trust cannot be established for a given certificate, the missing parts of the trust chain can be added to the Truststore.

Run the following steps from the manager tool to add certificates to the Truststore:

Step No.

Command

Step 1

Autodetect file format based on the extension.

manager config tls trust add <certificates>

Step 2

Force the uploading of certificate (pem/jks/pkcs) files.

manager config tls trust add --pem <certificates>

manager config tls trust add --jks <certificates>

manager config tls trust add --pkcs12 <certificates>

Enabling/Disabling the Truststore

The trust store can be enabled or disabled without affecting the list of trusted certificates.

  1. Run the following from the manager tool:

    manager config tls trust <enable|disable>
  2. After enabling/disabling the Truststore, stop Unravel.

    manager stop 
    
  3. Refresh the files and then start Unravel again.

    manager refresh files 
    manager start