Setting up a Keystore

Note: Any changes to the BVR, BRM and BAM keystores require BVR, BRM and BAM respectively to be restarted to take effect

BVR, BRM and BAM use Java keystore (.jks) files which are manipulated using Java's keytool command. BVR, BRM and BAM have configuration options that define the default name, location of their keystore and the alias of the key that BVR, BRM and BAM will use in the keystore. If running on the same system it will make sense for BVR, BRM and BAM to use the same keystore as they will both be providing the same certificate. This setup is fully supported by BVR, BRM and BAM.

To create a keystore, you can use the following command:
keytool -genkey -alias blueworx -keystore keystore.jks -keyalg RSA -keysize 2048 -validity NUMBER_OF_DAYS -dname "cn=SERVER_HOSTNAME"

It is important that you set the "Common Name" (CN) to the fully qualified hostname of your system (e.g. mysystem.xxxxxx.com or mysystem.xxxxxx.yyyyyyy.com). You will be asked to input a password. The default defined in both BVR, BRM and BAM configuration for this is "changeit", however it is recommended you use a more secure password than this and update the BVR, BRM and/or BAM configuration accordingly.

Note: The password of the key in the keystore must be the same as the keystore password.

For further information on the keytool command, please refer to the Oracle keytool documentation. https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html