How to find which root cert is being used in Advanced Authentication
search cancel

How to find which root cert is being used in Advanced Authentication

book

Article ID: 245790

calendar_today

Updated On:

Products

CA Risk Authentication CA Strong Authentication CA Advanced Authentication

Issue/Introduction

I am working on renewing AA certificates. As we change rootca and certificate chain this time. I am not sure which one I should use for two place:

1. UDS connection

Services and Server Configurations >Administration Console > UDS Connectivity Configuration

2. Risk Authentication Administration Connectivity

Click the Services and Server Configurations -> Risk Authentication -> System Configuration à Risk Authentication Connectivity -à Risk Authentication Administration Connectivity (7777)

Server CA Root Certificate :

Could u take a look and let me know which one I should use here: rootca or certificate chain?

Environment

Release : 9.1

Component : Strong Authentication

Risk Authentication

Resolution

For Risk Authentication and Strong Authentication components the Certificate is maintained in the below table.

ARADMINMAP

For UDS SSL connection, the certificate is maintained in the table.

ARADMINCONFIG

You can extract the certificate from these tables by using SQL queries or tools like SQL developer, the data is maintained in a BLOB value. The extracted value is base64 encoded so to get the actual certificate we have to decode that.

Below command can be used to see the contents of the certificate.

openssl x509 -in aaa_cert.pem -noout -text

Where aaa_cert.pem is the certificate obtained after base64 decoding the BLOB value.