Use the Remote File Storage (RFS) manual utility, pre-packaged within the RFS-Web module, to manually upload certificates to a shared truststore instance. The manual utility handles client certificates for Content Rendering Engine (CRE) as well as regenerated RFS and CRE certificate uploads.

Process Overview

  1. Transfer the .pem file to the truststore path on the appropriate RFS-Web server.

  2. Run the appropriate command from a server with the RFS-Web component installed.

  3. If the notification Certificate was added to keystore appears, restart all services to complete the process.

    If the notification <name> truststore … does not exist. Creating <name> truststore path appears, delete the newly created truststore folder, adjust the –fp path, and rerun the command.

Linux Components

Use the specified component values and associated instructions to gain insight into how the manual certificate upload process works. Do not view the provided values as recommendations. The example defines the components as absolute paths for the sake of clarity.

Component Linux
Manual Certificate Utility Name
Manual Certificate Utility File Location /opt/airwatch/rfs/rfs-web/etc/unix/
ALIAS_NAME 98cfa7ef-4e2f-14d2-8134-efa03e34748c
CLIENT_CERTIFICATE_FILE /mnt/RFS_Storage/RfsClientCertificate.pem
TRUSTSTORE_PATH /mnt/RFS_Storage/truststore/
.pem File Name RfsClientCertificate.pem

Upload Process

  1. Transfer the RfsClientCertificate.pem file to the /mnt/RFS_Storage/truststore/ on the RFS-Web servers.

  2. Run the command from a Linux server with the RFS-Web component installed.

    sh /opt/airwatch/rfs/rfs-web/etc/unix/ –cn 98cfa7ef-4e2f-14d2-8134-efa03e34748c
                            –cp /mnt/RFS_Storage/truststore/RfsClientCert.pem –fp /mnt/RFS_Storage/
  3. Review the Certificate was added to keystore notification that appears, indicating the certificate uploaded successfully. Restart all RFS Services to complete the process.