JetBrains Space EAP Help

SSL Keystores

Space supports uploading SSL keystores. An SSL client key contained in a keystore is used to identify Space as a client when connecting to an external server. Adding a server certificate as trusted means that you trust the server that holds a respective certificate.

The uploaded SSL keystores can be used to configure secure connection with supported third-party authentication providers.

Upload an SSL keystore:

  1. On the navigation bar, click administration.png Administration and choose SSL keystores.

  2. Click Add keystore.

  3. Enter a name for the new keystore.

  4. Select a file that contains the keystore. Browse for the file or drag-and-drop it into the field.

    • The keystore must be in PKCS12 (.p12) format.

    • The keystore must be password protected.

    • The keystore must contain a single entry.

  5. Click Add to upload the selected file to Space.

Added keystores are enabled by default.

Disable and enable keystores:

  1. On the navigation bar, click administration.png Administration and choose SSL keystores.

  2. Locate the keystore in the list and click a corresponding button: Active or Inactive.

Delete a keystore:

  1. On the navigation bar, click administration.png Administration and choose SSL keystores.

  2. Locate the keystore in the list and click delete-icon next to it.

Generate a keystore File

There are several tools that let you create SSL keys and certificates in PKCS12 format. Here is how to create SSL key with the OpenSSL toolkit:

  1. Generate a new 2048 bit RSA key with password protection:

    openssl genrsa -des3 -out Space.key 2048

  2. Generate a certificate request for the generated key:

    openssl req -new -key Space.key -out YouTrack_SAML.csr

  3. Generate a certificate:

    openssl x509 -req -days 365 -in Space.csr -signkey Space.key -out Space.crt

  4. Package the key and the certificate in a PKCS12 file:

    openssl pkcs12 -export -out Space.p12 -inkey Space.key -in Space.crt -certfile Space.crt
    • You now have a PKCS12 keystore (Space.p12 in the example) that is ready for upload to Space.

Last modified: 12 May 2020