search cancel

Setting up SSL for Web UI and Automation Studio User Interface for Release Automation


Article ID: 35790


Updated On:


CA Release Automation - Release Operations Center (Nolio) CA Release Automation - DataManagement Server (Nolio)



How to Apply SSL for Web UI and ASAP for Release Automation



For every machine where a certificate is to be generated (usually this means NAC, NES and Agent), the following conditions must apply:

  • Java JDK is installed.
  • Java JDK’s “bin” directory is set in the environment variable PATH.

Set JDK bin path in Windows Server, 

  • Click “Start” and Type “Edit environment variables for your account” in the Search on Start Menu.
  • Under “System Variables” find “PATH” variable >> Click “Edit”
  • At the end of the variable value, add a semicolon followed by the JDK “bin” path (for example: ;C:\Program Files\Java\jdk1.8.0_45\bin).

1. Open Command Line in NAC folder.

2. Run the following 6 commands one by one and follow their directives.

    a) keytool -genkeypair -keyalg RSA -keysize 2048 -keystore conf/custom-keystore.jks -alias nac-env

    b) keytool -exportcert -alias nac-env -file nac.crt -keystore conf/custom-keystore.jks -v

    c) keytool -importcert -alias nac-env -file nac.crt -keystore conf/custom-truststore.jks -v -rfc

    d) keytool -importcert -alias nac-env -file nac.crt -keystore nolio.jks -v -rfc

    e) jar cvf custom-truststore.jar nolio.jks

    f) jarsigner -keystore conf/custom-keystore.jks -verbose -keypass PASSWORD custom-truststore.jar nac-env

3. Copy the file custom-truststore.jar (created in step 3)  to \webapps\nolio-app\apps\v2.0.0\lib\

4. Create the file \conf\ and populate it with the following line:

ui.trustStorePassword=<plaintext password for keystore generated for custom-truststore.jar>

5. Locate the file \conf\server.xml

6. Make a copy of this file and name it server.xml.original

7. Open server.xml

8. Modify “Connector” section in server.xml as follows (4 changes):

       <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"












                          keystorePass="<plaintext password for keystore">



9. Close all instances of ASAP and ROC.

10. Clear Java cache by running: javaws –uninstall

11. Restart NAC service.


Additional Information:

To verify Web UI Certificates Were Applied

  1. Open browser at: https://NAC:8443 (make sure you are adding “https” at the start)
  2. Open browser certificate.
  3. Confirm certificate details as those you created.


Release: NOLNAC99000-5.5-Nolio-Automation Center