iPlanet Generate Server Key from Command Line
August 7, 2007 – 8:12 pmTip courtesy of Kyle Reynolds at http://www.camelrichard.org
Iplanet (Sun One Webserver) requires a server certificate to boot if you turn security on (to require a password to boot). This is commonly done through the admin console, but can also be done on the command line. This example uses Sun One Webserver 6.1SP7.
To Turn Security ON:
vi magnus.conf
change:
Security off
to:
Security on
Now, if you tried to start the webserver, you would see a message like this:
iplanet@blojszp1 /u01/app/iplanet/https-blojszp1.camelrichard.org ./start Sun ONE Web Server 6.1SP7 (64-Bit) B01/12/2007 06:13 failure: CORE1227: NSS initialization failed: SEC_ERROR_BAD_DATABASE: Problem using certificate or key database: Certificate database: /u01/app/iplanet/alias/https-blojszp1.camelrichard.org-blojszp1-cert8.db failure: CORE3174: NSS initialization failed
To generate a server key:
cd <iplanet root>/bin/https/admin/bin ./certutil -d . -N Enter a password which will be used to encrypt your keys. The password should be at least 8 characters long, and should contain at least one non-alphabetic character. Enter new password: Re-enter password: cp cert8.db <iplanet root>/alias/ cp key3.db <iplanet root>/alias/ cp secmod.db <iplanet root>/alias/
Now you should be prompted for a password to start the server:
iplanet@blojszp1 /u01/app/iplanet/https-blojszp1.camelrichard.org ./start Sun ONE Web Server 6.1SP7 (64-Bit) B01/12/2007 06:13 Please enter password for "internal" token: info: CORE5076: Using [Java HotSpot(TM) 64-Bit Server VM, Version 1.4.2_13] from [Sun Microsystems Inc.] info: WEB0100: Loading web module in virtual server [https-blojszp1.camelrichard.org] at [/search] info: HTTP3072: [LS ls1] http://blojszp1.camelrichard.org:8000 ready to accept requests startup: server started successfully