SSL Keystores
CodeCanvas supports uploading SSL keystores. An SSL client key contained in a keystore is used to identify CodeCanvas as a client when connecting to an external server, for example, a third-party authentication provider.
Generally, such configuration consists of the following steps:
Generating a public certificate
.crt
file and a PKCS12 keystore.p12
file.Uploading the
.crt
file to the third-party authentication provider.
Generate a keystore File
There are several tools that let you create SSL keys and certificates in PKCS12 format. Here is how to create an SSL key with the OpenSSL toolkit:
Generate a new 2048-bit RSA key with password protection:
openssl genrsa -des3 -out CodeCanvas.key 2048Generate a certificate request for the generated key:
openssl req -new -key CodeCanvas.key -out CodeCanvas.csrGenerate a certificate:
openssl x509 -req -days 365 -in CodeCanvas.csr -signkey CodeCanvas.key -out CodeCanvas.crtCodeCanvas.crt
is a self-signed public certificate that you should upload to a party that needs to establish a secure connection with CodeCanvas (for example, a third-party authentication provider).Package the key and the certificate in a PKCS12 file:
openssl pkcs12 -export -out CodeCanvas.p12 -inkey CodeCanvas.key -in CodeCanvas.crt -certfile CodeCanvas.crtYou now have a PKCS12 keystore (
CodeCanvas.p12
in the example) that you should upload to CodeCanvas.
Upload an SSL keystore
In the header navigation, select Administration, then in the sidebar menu, select SSL keystores.
Click Add keystore.
Enter a name for the new keystore.
Select a file that contains the keystore. Browse for the file or drag-and-drop it into the field.
The keystore must be in
PKCS12 (.p12)
format.The keystore must be password protected.
The keystore must contain a single entry.
Click Add to upload the selected file to CodeCanvas.
Added keystores are enabled by default.
Disable and enable keystores
In the header navigation, select Administration, then in the sidebar menu, select SSL keystores.
Locate the keystore in the list and click a corresponding button: Active or Inactive.
Delete a keystore
In the header navigation, select Administration, then in the sidebar menu, select SSL keystores.
Locate the keystore in the list and click next to it.