I wanted to replace this certificate since it shows expired as of June 24,
2008 and has a common name of "Unknown". It is the file named "keystore" in
(on Windows, obviously)
To create a new "keystore" file, you need a reasonably current version of
the Java Runtime Environment from Sun. I used v1.6 update 7 on my XP
Locate the "keytool.exe" file in your local JRE folder. Mine was in
Run it from a command prompt with this syntax to create a 5-year life
keytool -genkeypair -alias "mykey" -keystore keystore -validity 1825 <Enter>
You will be prompted to answer a series of questions. Use the word
"password" without the double quotes for the keystore password. This will
match what is set in another configuration file in the ModSecurity Console.
When it asks you for your first and last name, do not enter your first and
last name. Enter the common name instead (the fully qualified DNS name of
how you access the Console web interface).
Answer the rest of the questions accurately.
Type a "y" to confirm your answers.
Press Enter to accept the existing password.
Backup the existing "keystore" file by renaming it and then copy the new
"keystore" file into the above directory. Restart the Console service.