Configuring SSL in Endeca Server enables SSL communication among all the components.
The steps are described in detail in later topics.
If you are running Studio, you can also enable SSL for Studio. For details, see the Oracle Endeca Information Discovery Studio User's Guide.
There are a variety of tools that you can use to generate keys and certificates. One of the most common is the keytool utility.
http://docs.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html
Alternatively, you can use the enecerts utility described later in this chapter, in Using enecerts to generate SSL certificates.
A certificates file named cacerts is shipped in the shared/jre/lib/security directory. The cacerts file represents a system-wide keystore with CA certificates. The default password of the cacerts file is changeit. You should change the default password if you intend to use the file. You can configure and manage the file with the keytool utility, specifying jks as the keystore type.
The cacerts keystore file ships with several root CA certificates. The Web page accessed by the link above lists the aliases and X.500 owner distinguished names in the file.
The default jetty-ssl.xml configuration file comes pre-configured with this default keystore. You can use this keystore only for preliminary SSL testing. However, you should create your own keystore when you are ready to set up your SSL environment.