Description:

The following procedure will help you to configure CAPM to use a self-signed certificate to enable SSL communication (HTTPS).

Solution:

Complete the following steps:

1. Change the keystore's password for JSSE from changeit to <your_password> 
   
   $CAPM_HOME/jre/bin/keytool -storepasswd -keystore $CAPM_HOME/jre/lib/security/cacerts 
   
   
2. Remove the default CAPM keystore 
   
   mv $CAPM_HOME/PerformanceCenter/jetty-7.2.0/etc/keystore $CAPM_HOME/PerformanceCenter/jetty-7.2.0/etc/keystore.bck
   
   
3. Create a self-signed certificate for CAPMs keystore
   
   $CAPM_HOME/jre/bin/keytool -genkey -keyalg RSA -alias <CAPC_Hostname> -keystore $CAPM_HOME/PerformanceCenter/jetty-7.2.0/etc/keystore -storepass <your_password> -keysize 2048
   
   
4. Import the self-signed certificate to the JSSE keystore
   
   $CAPM_HOME/jre/bin/keytool -importkeystore -srckeystore $CAPM_HOME/PerformanceCenter/jetty-7.2.0/etc/keystore -destkeystore $CAPM_HOME/jre/lib/security/cacerts -srcstorepass <your_password> -deststorepass <your_password> -srcalias <CAPM_Hostname> -destalias <CAPM_Hostname>
   
   
5. Continue with the SSO HTTPS configuration steps from the CAPM documentation.

Notes:

• $CAPM_HOME is the directory where CAPC was installed; default is /opt
  
  
• <your_password> is the password you chose for the self-signed certificate
  
  
• <CAPM_Hostname> is the host name set on the CAPM Server
  
  
• Change on the jetty-ssl.xml file PASSWORD to <your_password>.

Release: IMDAGG99000-2.5-Infrastructure Management-Data Aggregator
Component: