The CA Identity Manager ships with OOTB certificate(s) set to expire in 2017.
search cancel

The CA Identity Manager ships with OOTB certificate(s) set to expire in 2017.


Article ID: 15517


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On


The default certificates are set to expire in 2017 and an IM 12.6.x bulletin was released "CA - PROACTIVE NOTIFICATION - IDMGR - ADVISORY - AIDMGR-100477" which provided instructions to follow to replace the expiring certificates for product versions of IM 12.6 SP1-SP8 but does not mention IM 12.5.x release which has already reached End Of Support.

Is IM 12.5 releases impacted and if so what steps should be taken?


Release: CAPUEL99000-12.5-Identity Manager-Blended upgrade to Identity &-Access Mgmt Ente


Yes IM 12.5 releases are impacted as well and so the same documentation should be reviewed and followed that is found in the following link for IM 12.6.x but when it comes to updating jiam.jar you will follow "Use Case 2" instructions which are for IM 12.6 SP1 to SP3 but also can be used for IM 12.5.x release.

Use Case 2: For releases 12.6 SP1 to 12.6 SP3, perform the following steps:

 Ensure that %JAVA_HOME%\bin directory is set in the Path environment variable. 

  • In the downloaded certificate zip file, navigate to 12-6-SP1-12-6-SP3 folder and copy admincacert.jks to a temp location.
  • Run the following command to add the certificate to the jiam.jar file:

    Jar uf <location_of_jiam.jar> <location_of_adminacert.jks>


    jar uf jiam.jar admincacert.jks
  • Copy the updated jiam.jar file from the downloaded certificate zip file to the following locations:

    • CA Identity Manager Tools location
      <IAM_Installation_location>\IAM Suite\Identity Manager\tools\lib

    • Application Server: 
      • JBoss/WebSphere: <EAR_HOME>\library
      • WebLogic: <EAR_HOME>\APP-INF\lib
    • Connector Xpress:
      <IAM_Installation_location>\Connector Xpress\lib