SSL Keystores
Space supports uploading SSL keystores. An SSL client key contained in a keystore is used to identify Space as a client when connecting to an external server. Adding a server certificate as trusted means that you trust the server that holds a respective certificate.
The uploaded SSL keystores can be used to configure secure connection with supported third-party authentication providers.
On the main menu, click
Administration and choose SSL keystores.
Click Add keystore.
Enter a name for the new keystore.
Select a file that contains the keystore. Browse for the file or drag-and-drop it into the field.
The keystore must be in
PKCS12 (.p12)
format.The keystore must be password protected.
The keystore must contain a single entry.
Click Add to upload the selected file to Space.
Added keystores are enabled by default.
On the main menu, click
Administration and choose SSL keystores.
Locate the keystore in the list and click a corresponding button: Active or Inactive.
On the main menu, click
Administration and choose SSL keystores.
Locate the keystore in the list and click
next to it.
There are several tools that let you create SSL keys and certificates in PKCS12 format. Here is how to create SSL key with the OpenSSL toolkit:
Generate a new 2048 bit RSA key with password protection:
openssl genrsa -des3 -out Space.key 2048
Generate a certificate request for the generated key:
openssl req -new -key Space.key -out Space.csr
Generate a certificate:
openssl x509 -req -days 365 -in Space.csr -signkey Space.key -out Space.crt
Package the key and the certificate in a PKCS12 file:
openssl pkcs12 -export -out Space.p12 -inkey Space.key -in Space.crt -certfile Space.crt
You now have a PKCS12 keystore (
Space.p12
in the example) that is ready for upload to Space.
Thanks for your feedback!