0
votes

Today I was handed a system with expired SSL certificates with the following applications running on it:

  • JDK1.6.0_20
  • Jboss-5.1
  • Mirth 1.8.2

I have verified that the cert(s) on this server are expired via the following command

$  openssl s_client -connect localhost:443 | openssl x509 -text

This shows me what I expected, that the SSL certificate is expired. However, I cannot find the keystore for this server (my only experience has been using FIPS) - so I must ask: If Mirth is installed, and I'm using SSL, is the keystore in Mirth "THE" keystore for the server?

That doesn't make sense, but in the root of Mirth I can see that there is in fact a keystore there. How can I list the keys in the Mirth keystore? How do I add/update/delete keys in the Mirth keystore?

Any suggstions would be greatly appreciated. Even if it's RTFM - if you can just tell me where the manual is, I'll happily read it.

1
This may be obvious and you probably already know , but in the server.xml for JBoss it may reference the location of the Keystore in the Connector and its assocaited password in the SSL configuration. Just use a program called "Keystore Explorer" to view it.djangofan

1 Answers

0
votes

If mirth is using the SSL Plugin Manager, you can look at the referenced keystore on the server by clicking settings and viewing the SSL keystores listed there.

If the SSL manager isn't present, then the keys are located in the Java keystore, located in your Java file under /lib/security/cacerts.