How to configure an CNAME alias for ENTM

book

Article ID: 108651

calendar_today

Updated On:

Products

CA Privileged Access Manager - Server Control (PAMSC) CA Privileged Identity Management Endpoint (PIM)

Issue/Introduction

We want to use a DNS alias for the ENTM URL to access the ENTM console
What do we have to configure in ENTM to accomplish this?

How do we have to configure the SSL certificate in this case?

Environment

Release:
Component: SEOSWG

Resolution

ENTM UI is basically always returning to what is set in
System / Configuration / UI Settings / Base URL

I.e.
- the original Base URL is set to
  https://WIN2012:18443/iam

- in DNS create a CNAME record
  WIN2012Alias pointing to WIN2012

- now try logging on to ENTM with the alias
  https://WIN2012Alias:18443/iam/ac

- note: login is successful but the URL is redirected to the Base URL

- adjusting the setting of Base URL to
  https://WIN2012Alias:18443/iam
  is resolving the issue

Before making changes of this kind in production please make sure you have a full snapshot backup of the entire ENTM box.

The ENTM SSL Certificate's Subject needs to reflect the used URL, in this case WIN2012Alias