How to use SSL based CA Service Desk Manager (CA SDM) Tomcat with CA One Click?

book

Article ID: 18987

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service KNOWLEDGE TOOLS CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

The document assumes that the integration works fine with non-SSL port of CA SDM and that the only thing needed is to enable SSL for the communication from CA One Click TO CA SDM

  1. Identify the SSL keystore Alias that CA SDM Tomcat is using by:

    1. Finding the file <SDM_Install_dir>\bopcfg\www\CATALINA_BASE\conf\server.xml on CA SDM server

  2. Identify the keystore file and alias of the key in the keystore file that s being used. It normally looks like:

    keystoreFile="C:\Progra~2\CA\Servic~1\bopcfg\www\CATALINA_BASE\conf\.keystore" alias="newsdmkey"


  • Export the above certificate using Java's keytool command by opening a command prompt and typing:

    keytool -list -keystore .keystore -alias newsdmkey -exportcert -file c:\sdmcertfile.cert

  • Provide c:\sdmcertfile.cert file to One Click administrator.
  • Login to One Click Administration page, select SSL Certificates option and click List to see current SSL certificates in the keystore that One Click knows of
  • Click Browse and select the c:\sdmcertfile.cert file. (Note: an alias name could be used as well)
  • Click Save, restart One Click
  • Repeat (2) to see the newly added certificate
  • Access One Click Administration -> Service Desk Configuration page and then:

    1. Provide SDM SSL Tomcat port number for SDM Web Services Port AND SSL SDM (Tomcat or an SDM Web Server) port for SDM Web Server Port options
    Ensure Enable SSL option is selected
  • Test the connection and save it after the Test is successful.

Note: Couple of other options to identify the SSL certificate of SDM tomcat engine:

  1. Work with the site SSL administrator to get hold of the SSL certificate. This certificate could then be imported to the One Click keystore (follow steps 4 through 8)
  2. Another option is to try Saving the certificate using a browser by

    1. Login SDM SSL Tomcat URL (ex: https://sdmhost:8443/CAisd/pdmweb.exe)

  3. Click on the SSL button or the LOCK icon on the browser URL

  • A browser would launch certificate details option (more details or certificate details)

  • Click View Certificates

  • Go to the Details tab

  • Select Copy to File or Export options

  • Save it to a file on the machine where the Java program needs to be run (ex: c:\CA_SDM_Tomcat_CertFile.cer )

Environment

Release: UAPMAC990JPP-12.9-Asset Portfolio Management-Asset Configuration
Component: