ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Does Access Gateway support PKCS12 key store type?

book

Article ID: 239332

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

Does the Access Gateway support the PKCS12 key store type, which is default with the JDK 11 version?

Environment

Release : 12.8.06

Component : SITEMINDER SECURE PROXY SERVER; Access Gateway

Resolution

The 12.8.06 version of Access Gateway supports JDK 11 but the PKCS12 key store is not supported with this version of Access Gateway. You need to create a key store that supports JKS (JCEKS) for enabling SSL on Tomcat for the Access Gateway. You need to run the following command to create a JKS key store:

keytool -genkeypair -keysize numbits -keyalg RSA -alias tomcat -storetype JCEKS -keystore tomcat.keystore 

Here is the documentation link for enabling SSL on Tomcat for the Access Gateway:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/access-gateway-configuration/configuring-ssl-for-access-gateway/configuring-ssl-on-tomcat-application-server-manually.html