Apply own p12 certificate in place of the default CA Embedded Entitlements Manager (EEM) certificate

book

Article ID: 18977

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service KNOWLEDGE TOOLS CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

This document outlines the step by step instructions to replace the default CA Embedded Entitlements Manager (EEM ) certificate with your own p12 certificate issued by a certified vendor such as VeriSign.

Environment

Embedded Entitlements Manager (EEM/EIAM) release 12.5 and higher

Resolution

In order to replace the default CA Embedded Entitlements Manager (EEM ) certificate with your own p12 certificate, follow the steps below:

  1. Copy your p12 certificate to iTechnology folder. (e.g. \Program Files\CA\SharedComponents\iTechnology or Program Files\CA\SC\iTechnology)

  2. Stop the CA iTechnology iGateway service.

  3. Edit \Program Files\CA\SharedComponents\iTechnology\igateway.conf and update the <Connector name="defaultport"> section

    -Set certType to p12

    -Set certURI to your .12 certificate filename, e.g eem.p12.

  4. IMPORTANT:  save, then close the igateway.conf file at this time.  This is because the next step will continue to modify the igateway.conf file to update with your encrypted certificate password.  We will open the file once more to confirm all changes have been made.
  5. Run ConfigTool command to set the certPW tag to the munged (encrypted) password as per below.

    e.g.
    C:\Program Files (x86)\CA\SC\iTechnology>ConfigTool -munge -version 4.6.0.0 -comp igateway -tag "TransportReceiver=HTTP;Connector=defaultport;certPW;" -passwd password1234

    What this command does is update the igateway.conf file such that the "certPW" tag is updated with the encrypted password.  The input password in the above command example is "password1234".

  6. Open the igateway.conf file to confirm the changes have been made per the above.  Save/close the file.

  7. Start the CA iTechnology iGateway service