Java

  1. On the certificate holistic view, click Add Connector.
  2. Enter the General Information for the connector.
    Table 1. Field descriptions for the connector General Information
    Field Description
    *Category From the dropdown list, select Server.

    If the certificate being pushed was enrolled with CSR generation at endpoint, this field is auto populated with the category selected at the time of certificate enrollment.
    *Vendor From the dropdown list, select Java.

    If the certificate being pushed was enrolled with CSR generation at endpoint, this field is auto populated with the vendor selected at the time of certificate enrollment.
    *Connector Name Enter a name for this connector, to be able to identify it later.
    Tip: AppViewX recommends naming connectors according to use cases so they are easily distinguishable.
    Description Enter any additional details you want to record for this connector.
    Based on the information entered here, the Server selection section is populated with the list of available Java devices already onboarded in AppViewX.
  3. To select the device(s) to which the certificate will be pushed, under Server selection, from the list of Available Devices, click .
    The Selected devices list is updated automatically.
  4. Enter the Certificate Details.
    Table 2. Field descriptions for the Certificate Details
    Field Description
    Certificate Type From the dropdown list, select the file type of the certificate to be pushed.
    *Push Location Enter the endpoint where the certificate will be pushed. This can be a network location or directory on the server, or a URL from where the server can retrieve the certificate.
    *Certificate File Name Enter the file name of the certificate to be pushed. The file extension is auto-populated based on the Certificate Type selected.
    *PFX Password

    This field is displayed when Certificate Type = PKCS#12 (*.pfx) and PKCS#12 (*.p12).

    Enter the password that will be required to access the .pfx and the .p12 certificate files.
    *Key File Name

    The private key associated with a certificate is stored in a key file.

    Enter the name of the file that contains the private key associated with the certificate to be pushed.

    The file extension .key is automatically populated.
    *KeyStore Name

    This field is displayed when Certificate Type = any of the JKS certificate formats.

    For JKS certificates, a keystore is a repository used for storing private keys and certificates.

    In the KeyStore Name field, enter the name of the JKS keystore in which the certificate to be pushed is stored.
    *KeyStore Password

    This field is displayed when Certificate Type = any of the JKS certificate formats.

    Enter the password required to access the keystore that contains the JKS certificate to be pushed.
    User Enter the details of the user that has the necessary permissions to push the certificate.
    Group Enter the details of the user group that has the necessary permissions to push the certificate.
    Password Version Enter the version of the algorithm that is used to encrypt the password for accessing the ADFS server.
    Alias Name

    This field is displayed when Certificate Type has one of the following values:

    • PKCS#12 (*.pfx)

    • PKCS#12 (.p12)

    • PKCS#12 (_Cert)

    • CERTDB (*.db)

    Enter the certificate alias assigned in the CSR generated for requesting/enrolling the certificate.

    Push Root and Intermediate Certificates To push the root and intermediate certificates, along with the end certificates, select this checkbox.
    *Intermediate File Name 1

    This field is displayed only when Push Root and Intermediate Certificates is enabled.

    Enter the name of the intermediate certificate file.
    *CA File Name

    This field is displayed only when Push Root and Intermediate Certificates is enabled.

    Enter the name of the root certificate file.
  5. Enter the Push Details.
    Table 3. Field descriptions for the Push Details
    Field Description
    *Script Location Script files are commonly used to perform certain tasks required to be completed before and/or after a certificate is pushed to the target system.

    The script to be run before the certificate is pushed is called a pre-push script and the script to be run after the push is called a post-push script. The script that automates the push operation is called a push script.

    From the following options, select the location of the script file(s):

    • In AppViewX
    • In Device
    Pre - Push Script File Name
    Enter the file name of the pre-push script.
    Important: Read the pre and push script usage instructions here.
    Pre - Push Script File Path This field is displayed when Script Location = In Device.
    Enter the location on your local system where the pre-push script file is stored.
    Important: Read the pre and push script usage instructions here.
    Pre - Push Script Parameters Enter the values that will be passed to the pre-push script.
    *Push Script File Name Enter the name of the push script.
    Push Script Parameters Enter the values that will be passed to the push script.
    Post - Push Script File Name Enter the file name of the post push script.
    Important: Read the pre and push script usage instructions here.
    Post Push Script Parameters Enter the values that will be passed to the post-push script.
    Post Push Script File Path This field is displayed when Script Location = In Device.
    Enter the location on your local system where the post-push script file is stored.
    Important: Read the pre and push script usage instructions here.
    Rollback Location To recover from a conflict or failure during a push operation, copies of the certificate and configuration file are stored in a directory or storage location.

    In the Rollback Location field, enter the path to this location.

    Rollback Parameters Enter the rollback parameters (settings) used to initiate the rollback process.
    Overwrite The Overwrite option is used to specify if existing certificates on the target system will be overwritten with the certificate being pushed.

    If this option is enabled, the certificate being pushed will overwrite any existing certificates with the same identifier on the target system. This will also ensure that only the latest version of the certificate is available on the target system.

    If it is disabled, the push operation will fail in the event of conflicts with the certificates on the target system.
    Push Automatically To automatically push the certificate after it is renewed/reissued to the target system, enable this checkbox.
    Note: The auto push feature for a certificate works only if enabled for the certificate application connector as well the associated certificate group. To enable this feature at the certificate group level, refer the instructions here.
    Secure Push The Secure Push option ensures that the certificate is pushed to the target system securely, protected from any unauthorized access.
  6. Click Save.
    The connector is displayed on the certificate holistic view.