Add your own certificate when configuring CCI SSL for OM Web Viewer 12.1 for USS

search cancel

book

calendar_today

Output Management Web Viewer

How to use your own certificate when setting up OM Web Viewer 12.1 for CCISSL.

Assuming 'DIGICERT.CAICCI.XXXXXXX' is a certificate in a format that the Java keystore program uses.
On OMVS, create a temporary work folder. For example:
mkdir $HOME/keystore
FTP 'DIGICERT.CAICCI.XXXXXXX' using binary transfer to OMVS file $HOME/keystore/ccicert where ccicert will be the file - you can name this whatever you want.
On OMVS, ensure Java (${JAVA_HOME/bin) is in your path (for your session) - this should contain the "keytool" program. Note: It should already be there.
Set your current directory to the one containing the just FTP'd certificate file. For example:
cd $HOME/keystore
Issue command:
keytool -importcert -file $HOME/keystore/ccicert –keystore $HOME/keystore/cci.jks
When prompted for a password, enter the certificate's password.
When prompted to trust this certificate, respond "yes"
Note: If you also have a "Client End User Certificate", you will need to import that into the same keystore file.
When done, there should be a file named "cci.jks" in your temporary work folder. Note the full path to this file as well as the certificate password (same password used to secure the keystore file).

Run the configtool
Select your configuration type
Select "1: CCI Settings"
When prompted for "CCISSL: SSL connection", select either 2 (defer) or 3 (force).
When prompted for "CCISSL: Encryption Keystore", enter the full path to the keystore file created above. For example:
$HOME/keystore/cci.jks
When prompted for a password, enter the keystore (same as certificate) password.
Respond to the remaining questions.
When prompted, test the connection.
Save the changes.
If Tomcat is active, stop/start it to ensure setting changes are all picked up.

thumb_up Yes

thumb_down No