Use the Java keytool to create public and private keys for RSA authentication if the client is in Java.
RSA authentication uses public and private keys instead of passwords to authenticate with the ESP Server. The Java keytool utility is used to generate RSA keys when the client is in Java.
- Open a command prompt or terminal.
- Set the ESP_JAVA_HOME to your Java installation.
- Add $ESP_JAVA_HOME/bin in the path.
- To create a private/public key with the alias specified by the user, enter:
keytool -genkey -keyalg RSA -alias <alias/username> -keystore keystore.jks -storepass <password> -keypass <password>
<alias/username> is the user-chosen alias for the private and public keys that will function as a user name for logging in using RSA. <password> is the user-chosen password required to access the private key associated with the alias.
- Use the cluster admin tool to deploy the public key to the server:
esp_cluster_admin --uri=esp[s]://host-name:port
--keystore=<keystore>
--storepass=<storepass>
--keypass=<keypass>
--key-alias=<alias>
This makes the public key available to the cluster manager. This key becomes the public key that the cluster manager uses to verify the signature messages sent by the client's private key during the authentication process.