1. Go to <Server_installation_location>/config directory.
2. Build Server Keystore with the following command:

   keytool -genkeypair -keyalg RSA -keystore vdtServerKeystore.p12 -storepass <unlock-password>

Import NSK C-Agent Certificate to Server Truststore

1. Go to <Server_installation_location>/config directory, and copy the NSK C-agent certificate to this directory.
2. Run the following command to create a server truststore and import the NSK C-agent certificate into this truststore:

   keytool -importcert -file <nsk-agent-certificate-file> -alias vdtAgent.crt.<unique-id>  -keystore vdtServerTruststore.p12 -storepass <unlock-password>

   Note:

   When importing multiple NSK C-agent certificates into a server truststore, assign a unique -alias value to each NSK C-agent certificate.
3. Delete the NSK C-agent certificate in <Server_installation_location>/config directory.

Save Server Truststore passwords to Server Wallet

1. Run the script named configure_server_ssl.sh under <Server_installation_location>/config directory.
2. For One-Way SSL, a Server Keystore is not required. If no Server Keystore has been configured, then press Enter when prompted. However, if a Server Keystore is available, enter the password when prompted.

   ./configure_server_ssl.sh
   OGGV-80056: Copyright (c) 2013, 2024, Oracle and/or its affiliates. All rights reserved.
   OGGV-80057: Veridata Server SSL Configuration Utility
   OGGV-80058: Notes:
   OGGV-80059: This utility allows Veridata to access keystore and truststore. When entering the passwords below, unlock password should match the one used in keytool -storepass option.
   [OGGV-80060: Enter Server Keystore unlock password:]
   [OGGV-80062: Enter Server Truststore unlock password:]