search cancel

Changing the CAPKI certificate to self signed certificate causes Service Manager to use unsecure connection.


Article ID: 257993


Updated On:


CA Automic Workload Automation - Automation Engine


In the Automation Engine, [CAPKI] section in ucsrv.ini and UCYBSMgr.ini of the Service Manager reference the self-signed certificate.

The [CAPKI] section ucsrv.ini of the Automation engine and UCYBSMgr.ini of the service manager have been modified but when the service has been restarted, it is throwing an error -allowing only unsecure connection.


Release : 21.0


The CAPKI section of the ini file goes like this ->

certificate=C:\Automic_v2104\ServiceManager\bin\<full certificate chain>.cer
key=C:\Automic_v2104\ServiceManager\bin\<private key>.pem

To create the <full certificate chain>.cer, we used the keystore explorer and export > export certificate chain.

Then Under Export Length, we selected 'Entire Chain'.

To create the <private key>.pem file, we exported the keypair and then selected format PEM.

Be sure to update both the UCsrv.ini and the UCYBSMgr.ini for consistency.