Installing Trusted Certificates into a Java Keystore (PaaS)

Installing Trusted Certificates into a Java Keystore (PaaS)

  

Greetings, 

I need help involving PaaS, a java extension and the use of a certificate to be used by the java extension for login purposes.

We have implemented this Java extension to be able to connect to a service (LDAP) securely. This require us to use the port 636 and to put a certificate in the Java Keystore. After all the certificate's configuration, I could make the validation execute successfully locally (not in the OutSystems' uploaded version); I processed the request with my certificate authority, and installed the certificate and trust that they provided to us. Specifically, I installed the certificate in my Windows computer using cmd and ran an eclipse test to verify that the certificate worked. 

Now that I want to do the same in Java extension at the PaaS (to install the certificate in the Keystore via Keytool), I realize that I don't know how to access the java Keystore for the server that is hosting my application. I don't know the operating system, I don't have an administrative account and if somehow connect to it, I don't have the Keystore password that could allow me to install it. 

How can I get this information? Is this the right approach to accomplish this or is there a more practical way of installing and using a certificate at the server to be read by my extension?

@Luis

You'll have to ask the hosting company to do those configurations since you don't seem to have admin control over the server(s).

The company hosting and managing the servers, applications and extensions is OutSystems. Do you mean to ask them?

You say you don't have an administrative account... who do you think should be contacted?

I have a car of brand Ferrari and I have a problem. Should I ask Lamborghini for help?


You can find help here. Support will help you out.

João Heleno wrote:

You say you don't have an administrative account... who do you think should be contacted?

I have a car of brand Ferrari and I have a problem. Should I ask Lamborghini for help?


You can find help here. Support will help you out.

Oi João,

Thanks for your feedback. I have contacted my team and the team (having inherited the OutSystems platform) do not have knowledge of any administrative accounts or tools that would allow us to manage the Java virtual machine or the Red Hat Enterprise Linux 5, 64-bits. 

Whether such administrative accounts/keystore password exists or not, my question was oriented to understanding if my approach to resolve the installation of a certificate at the keystore was correct or if it should be implemented in a different way, or not possible at all.

For example, my approach is to (understand if its possible to) get access to the operating system hosted by OutSystems to allow me to run the following command:

keytool -keystore cacerts -import -alias outsystemldap -file outsystem.cer -storepass changeit