ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Using signed cert for SAML keystore


Article ID: 186623


Updated On:


DX Unified Infrastructure Management (Nimsoft / UIM)


Are we able to use a signed certificate in the SAML keystore to replace the self-signed cert that is generated for it?
If so, how?


Release : 9.2.0

Component : UIM - UMP LIFERAY


You can use the same signed cert you use for the wasp probe in the SAML keystore.  The steps to do so, follow:

1. Disable wasp probe.
2. Use the keytool utility to list the alias present in wasp.keystore and copy wasp.keystore to the /data folder where the self-signed keystore is located.
3. Backup the self-signed keystore and rename it.
4. Rename wasp.keystore as keystore.jks.  SAML does not recognize the keystore unless it was named keystore.jks, even if you specify the file name 'wasp.keystore' in
5. Change the saml.keystore.password in to the wasp.keystore password
6. Change the saml.keystore.credential.password[alias] in to the wasp.keystore password.  Also, change the value in brackets to the keystore alias used in wasp.keystore\
7. Change the in to the alias used in wasp.keystore.
8. Restart wasp probe.