Creating a certificate authority
If you need your own certificate authority you can create one by using CDC Replication commands.
This procedure uses keytool, which is located under installation_directory/jre64/jre/bin.
The basis of a certificate authority is a public/private key pair with a self-signed certificate. You can use the keytool -genkeypair command to generate these pairs. The -dname parameter specifies the X.500 Distinguished Name of the certificate authority. For example:
keytool -genkeypair -noprompt -alias self -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -dname "O=example.com" -validity 365 -keypass password -keystore privatekey.jks -storepass password -storetype JKS -ext BasicConstraints:critical=ca:true -ext KeyUsage:critical=keyCertSign,cRLSign
You can also use third-party tools such as openssl to create a certificate authority.