ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How To Import SSL Certificate from the Certificate Authority into Spectrum OneClick


Article ID: 112210


Updated On:


CA Spectrum DX NetOps


When customer received the certificate files from the CA, these are the recommended steps to import the certificate into the CA Spectrum Oneclick.


Release: All Supported Releases

Component: SPCOCK - Spectrum OneClick


1. Create 3 empty files and place each certificate from the certificate file: 




Note: Make sure the file ends on the END CERTIFICATE line with no extra spaces or blank lines. Extra spaces and/or lines often cause import issues

2. Then run command: 

openssl x509 -in file.txt -noout -text  | egrep "(Subject:|Issuer:)" 

To identify the root certificate. 

3. Then import them using the : 

./keytool -import -alias root -keystore $SPECROOT/custom/keystore/cacerts -trustcacerts -file root_chain_certificate_filename

4. For each other file you create then run:

./keytool -import -alias <filealias> -keystore $SPECROOT/custom/keystore/cacerts -trustcacerts -file your_certificate_filename

(Make sure you identify the aliasname with each files to avoid confusion)

5. Then run the following and include the cer certificate they provided:

./keytool -import -alias tomcatssl -keystore $SPECROOT/custom/keystore/cacerts -trustcacerts -file your_certificate_filename


6. Cd to $Specroot/tomcat/bin

Stop Tomcat.


Start Tomcat.



Additional Information

Please reference the "Configure OneClick for Secure Sockets Layer" section of the documentation for more information.