Friends I would need your help, I have installed an environment that was created with a CA, but due to modifications in the main office we have created a new CA and I need to put these new certificates in the environment. I need your help how can I do it or do I have to reinstall everything?
The first step is to create a Root Secure Sockets Layer (SSL) certificate. This root certificate can then be used to sign any number of certificates you might generate for individual domains. If you aren’t familiar with the SSL ecosystem, this article from DNSimple does a good job of introducing Root SSL certificates.
Generate an RSA-2048 key and save it to a file rootCA.key. This file will be used as the key to generating the Root SSL certificate. You will be prompted for a passphrase which you’ll need to enter each time you use this particular key to generate a certificate.
openssl genrsa -des3 -out rootCA.key 2048
You can use the key you generated to create a new Root SSL certificate. Save it to a file namedrootCA.pem. This certificate will have a validity of 1,024 days. Feel free to change it to any number of days you want. You’ll also be prompted for other optional information.
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem
I hope this information helps!
If my question is about replacing certificates in my Hortonwork environment today.
I have an intermediate certificate, for the chain of custody I must generate a truststore with the 2 certificates¿?
Thanks for the information
My question is
When I installed Ambari I created a truststore where I put my CA certificate and other certificates, now that I have to change I just need to remove the truststore and replace it or how I should manage this change.