Use the Remote File Storage (RFS) manual utility, pre-packaged within the RFS-Web module, to manually upload certificates to a shared truststore instance. The manual utility handles client certificates for Content Rendering Engine (CRE) as well as regenerated RFS and CRE certificate uploads.

Process Overview

  1. Transfer the .pem file to the truststore path on the appropriate RFS-Web server.

  2. Run the appropriate command from a server with the RFS-Web component installed.

  3. If the notification Certificate was added to keystore appears, restart all services to complete the process.

    If the notification <name> truststore … does not exist. Creating <name> truststore path appears, delete the newly created truststore folder, adjust the –fp path, and rerun the command.

CRE Components

Use the specified component values and associated instructions to gain insight into how the manual certificate upload process works. Do not view the provided values as recommendations. The example defines the components as absolute paths for the sake of clarity.

Component CRE
Manual Certificate Utility Name
Manual Certificate Utility File Location /opt/airwatch/rfs/rfs-web/etc/unix/
ALIAS_NAME Acme_Production_Cre_Cert
CLIENT_CERTIFICATE_FILE /mnt/RFS_Storage/CreClientCertificate.pem
.pem File Name CreClientCertificate.pem

Upload Process

Review how to upload a CRE certificate on a Linux RFS-Web server.

  1. Transfer the RfsClientCertificate.pem file to the /mnt/RFS_Storage/truststore/ on the RFS-Web servers.

  2. Run the command from a Linux server with the RFS-Web component installed.

    sh /opt/airwatch/rfs/rfs-web/etc/unix/ –cn 98cfa7ef-4e2f-14d2-8134-efa03e34748c
                            –cp /mnt/RFS_Storage/truststore/CreClientCert.pem –fp /mnt/RFS_Storage/
  3. Review the Certificate was added to keystore notification that appears, indicating the certificate uploaded successfully. Restart the RFS Service to complete the process.