AMS fails to load configuration in ITAM 12.9 when ITAM webservices is configured for SSL (HTTPS)

Article Id: 17937

Status: Published

Updated On: 14-02-2018 08:16

Legacy Id: TEC615652

Products:

CA Automation Suite for Data Centers - Configuration Automation , CA Client Automation - Asset Management , CA Client Automation - IT Client Manager , CA Client Automation , CA Client Automation - Remote Control , CA Client Automation - Asset Intelligence , CA Client Automation - Desktop Migration Manager , CA Client Automation - Patch Manager , CA IT Asset Manager , CA Software Asset Manager (CA SAM) , ASSET PORTFOLIO MGMT- SERVER , CA Service Management - Asset Portfolio Management , CA Service Management - Service Desk Manager

Issue/Introduction:

Description:

AMS fails to load configuration in ITAM 12.9 when ITAM webservices is configured for SSL (HTTPS) due to the site certificate not being configured in AMS tomcat.

Solution:

This requires some manual steps to be executed from the server where AMS is installed, as both components are in different technologies.

Stop AMS service.
Browse ITAM web service site using https in IE browser.
Click on the website certificate which is located in IE
Go to detail tab and click on 'Copy to file' button.
Save the file in local box using default parameters
Run the below command via command prompt to add the certificate in java security.

keytool -importcert -file "filePath" -keystore "JRE_PATH\lib\security\cacerts"

Example:

=======

keytool -importcert -file "C:\Users\Administrator\Desktop \ITAM.cer" -keystore "C:\Program Files (x86)\Java\jdk1.7.0_45\jre\lib\security\cacerts"

It will ask you for cacerts password, the default password is "changeit".
If above steps are successful then start the AMS service.

Open CA\SharedComponents\AMS\Tomcat\Conf\server.xml

Replace protocol="HTTP/1.1 with protocol="org.apache.coyote.http11.Http11NioProtocol" in the Connector section.

Environment:

Release: UAPMAC990JPP-12.9-Asset Portfolio Management-Asset Configuration
Component: