From Omar Wiki

Registering a New User Using Java UI

The Java UI user registration feature is more functional than the Web UI user registration because it generates both the .p12 file needed for Web UI authentication as well as the JKS keystore needed for authentication within JAXR clients.

Details on how to do this are described in http://ebxmlrr.sourceforge.net/wiki/index.php/Run/javaUI#User_Registration_Using_Java_UI

Registering a New User Using Web UI

To create a user account using the web console, perform the following steps in the web console:

1. Click Tasks tab
2. Click Create User Account link
3. Click Start Registration Wizard button
4. Click Next button
5. Enter information about yourself in all required fields. These are marked with '*'. Enter any optional fields if you wish
6. Click Next button
7. Leave default choice of “Generate Key pair ....”
8. Enter a user key alias (similar to username). This MUST be at least 6 characters and start with a letter
9. Enter a user key password (similar to password). This MUST be at least 6 characters and start with a letter
10. Enter any other required field. These are marked with '*'. Enter any optional fields if you wish
11. Click Next button. At this point the system will take a while to respond back as the user registration wizard is communicating with the registry and the registry is generating a certificate for you. This step is similar in concept to getting a certificate from a certificate authority. The only difference is that the registry acts as a certificate authority and gives you a certificate instantly
12. Click Download link to download the .p12 file for your new certificate and save it on disk under a name that makes it easy to identify it in future. Do not save it under default name of generated.p12
13. Click on link for your web browser to display instructions on how to import the new certificate into your web browser

At this point you have successfully performed user registration with the registry and can login to the web console and perform actions that require you to be logged in, such as publishing to the registry.

Moving Keys Across Client Keystores

The freebXML Registry uses Digital certificates instead of username / password for authenticating a user. Digital certificates / PKI are different from username/password. They are much more secure.

The basic premise in PKI is that the private key should be guarded carefully by its owner. To make the private key portable one needs to carry it with them from machine to machine. For example one can carry it on a memory stick ones key-chain. This does require a cultural change.

This section provides some guidance on how to move your public/private key pair from one client machine to another.

The simplest way to move the keys is to move the entire keystore by copying the following file from one machine to the other while keeping the same location:

The location sybolically is:

<user.home>/<omar.name>/<dist.version>/jaxr-ebxml/security/keystore.jks

Under default configuration this would be:

~/omar/3.0-beta1/jaxr-ebxml/security/keystore.jks

Note that this means any keys in same file at target location would be overwritten.