How do you transfer CAPCs HTTPS certificate to CABI on Linux

book

Article ID: 106311

calendar_today

Updated On:

Products

CA Infrastructure Management CA Infrastructure Management CA Performance Management - Usage and Administration CA Performance Management - Data Polling

Issue/Introduction



What are the steps & commands to transfer CAPC's HTTPS certificate over to CABI on Linux?

Environment

Release:
Component: IMADMN

Resolution

Note: All directories and passwords are default values.  You may need to change these to fit your environment:

1. Find the CAPC server certificate's alias:
 
/opt/CA/jre/bin/keytool -list -v -keystore /opt/CA/PerformanceCenter/jetty/etc/keystore_file.ks -storepass changeit

2. Export CAPC's server certificate using found alias:
/opt/CA/jre/bin/keytool -exportcert -keystore /opt/CA/PerformanceCenter/jetty/etc/keystore_file.ks -storepass changeit -alias capc -file capccert.cer

3. Transfer the CAPC server certificate over to the CABI system

4. Import the CAPC server certificate into the CABI Java keystore:

 
/opt/CA/SharedComponents/CA\ Business\ Intelligence/java/bin/keytool -importcert -keystore /opt/CA/SharedComponents/CA\ Business\ Intelligence/java/lib/security/cacerts -storepass changeit -alias capc -file capccert.cer

 

Additional Information

The CN or SAN entry in the certificate MUST match what you put in for the CAPC system name.  For example, if you use the system ip address when configuring the CABI <> CAPM integration and the ip address does not exist in the CAPC server certificate, the communication attempt will fail.