For the QZ Tray print server, how can I just install known good certificates that I already have generated with qz-tray-console.exe, without regenerating new ones, so that it presents those to the client instead?
If I run qz-tray-console.exe certgen --host [ip_address] It generates and installs a NEW set of certificates which are presented to the client during wss connection, but I don't want new certificates to be installed.
As you've observed, certgen parameter --host is intended for the generation of a self-signed certificate.
If instead you want to provide your own certificate, you will instead use the --cert parameter per: https://qz.io/docs/print-server#trusted-ca-certificate
# pem/der
java -jar qz-tray.jar certgen --key "privkey.pem" --cert "fullchain.pem"
# pfx/pkcs#12
java -jar qz-tray.jar certgen --pfx "mycert.pfx" --pass "12345"
qz-tray-console.exe certgen [...]"/Applications/QZ Tray.app/Contents/MacOS/QZ Tray" certgen [...]/opt/qz-tray/qz-tray certgen [...]This information is also available via --help certgen, quoting:
Usage: java -jar qz-tray.jar (command)
certgen Performs certificate generation and registration for proper HTTPS support.
java -jar qz-tray.jar certgen [--key key.pem --cert cert.pem] [--pfx cert.pfx --pass 12345] [--host "list;of;hosts"]
OPTIONS
--host, --hosts Semicolon-delimited hostnames and/or IP addresses to generate the HTTPS certificate for.
--cert, -c Path to a stand-alone HTTPS certificate
--key, -k Path to a stand-alone HTTPS private key
--pfx, --pkcs12 Path to a paired HTTPS private key and certificate in PKCS#12 format.
--pass, -p Password for decoding private key.