Configure Certificate Within FlexDeploy

Certificate credentials support a certificate file upload.

You can reference Certificate credential where supported. For example,

How to generate Private Key & Certificate

See example commands below to generate Private Key and Certificate. Adjust KEY_ALIAS and KEY_PASSWORD before running this. You will get two Private Key files (.pem extension) - with and without Passphrase. You will also get matching Certificate (.cer).

rm -rf ./generated
mkdir generated
cd generated

export KEY_ALIAS=FDOCI1
export KEY_PASSWORD=Welcome1

keytool -genkey -keyalg RSA -alias $KEY_ALIAS -keystore keystore.jks -storepass $KEY_PASSWORD -validity 365 -keysize 2048 -keypass $KEY_PASSWORD

keytool -exportcert -alias $KEY_ALIAS -file ${KEY_ALIAS}.cer -keystore keystore.jks -storepass $KEY_PASSWORD -rfc
sed -i 's/\r//g' ${KEY_ALIAS}.cer



keytool -importkeystore -srckeystore keystore.jks -srcstorepass $KEY_PASSWORD -destkeystore keystore.p12 -deststoretype pkcs12 -destkeypass $KEY_PASSWORD -deststorepass $KEY_PASSWORD

openssl pkcs12 -in keystore.p12 -passin pass:$KEY_PASSWORD -passout pass:$KEY_PASSWORD -nocerts -out $KEY_ALIAS.pem

openssl rsa -in $KEY_ALIAS.pem -passin pass:$KEY_PASSWORD -out ${KEY_ALIAS}_no_passphrase.pem

cd ..

Referencing Certificate Values As Properties

A Certificate credential that is assigned to an encrypted property within FlexDeploy can be referenced for property replacement or groovy variables. In order to reference the certificate, then only the property code can be used.

For example, we have an encrypted property on this workflow with the code WEB_CERTIFICATE.

We could have a step in our workflow to execute an operation that will connect to an external system using the certificate of the property configured on the project. Below is an example of referencing our property in a groovy script, but it would be similar for environment variables or property replacement within files. For accessing the certificate then we would use the code WEB_CERTIFICATE.