How to enable HTTPS (SSL) in CA Performance Manager (CAPM) using a self-signed certificate
book
Article ID: 32131
calendar_today
Updated On:
Products
CA Infrastructure Management
CA Performance Management - Usage and Administration
Issue/Introduction
Description:
The following procedure will help you to configure CAPM to use a self-signed certificate to enable SSL communication (HTTPS).
Solution:
Complete the following steps:
- Change the keystore's password for JSSE from changeit to <your_password>
$CAPM_HOME/jre/bin/keytool -storepasswd -keystore $CAPM_HOME/jre/lib/security/cacerts
- Remove the default CAPM keystore
mv $CAPM_HOME/PerformanceCenter/jetty-7.2.0/etc/keystore $CAPM_HOME/PerformanceCenter/jetty-7.2.0/etc/keystore.bck
- Create a self-signed certificate for CAPMs keystore
$CAPM_HOME/jre/bin/keytool -genkey -keyalg RSA -alias <CAPC_Hostname> -keystore $CAPM_HOME/PerformanceCenter/jetty-7.2.0/etc/keystore -storepass <your_password> -keysize 2048
- Import the self-signed certificate to the JSSE keystore
$CAPM_HOME/jre/bin/keytool -importkeystore -srckeystore $CAPM_HOME/PerformanceCenter/jetty-7.2.0/etc/keystore -destkeystore $CAPM_HOME/jre/lib/security/cacerts -srcstorepass <your_password> -deststorepass <your_password> -srcalias <CAPM_Hostname> -destalias <CAPM_Hostname>
- Continue with the SSO HTTPS configuration steps from the CAPM documentation.
Notes:
- $CAPM_HOME is the directory where CAPC was installed; default is /opt
- <your_password> is the password you chose for the self-signed certificate
- <CAPM_Hostname> is the host name set on the CAPM Server
- Change on the jetty-ssl.xml file PASSWORD to <your_password>.
Environment
Release: IMDAGG99000-2.5-Infrastructure Management-Data Aggregator
Component:
Feedback
thumb_up
Yes
thumb_down
No