How to configure bulk loader client on Apache SSL proxy server
search cancel

How to configure bulk loader client on Apache SSL proxy server

book

Article ID: 41064

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

Summary:

This techdoc presents steps to setup bulk loader client in an IdentityMananger (IM) application that has an SSL Apache proxy server in front.

Environment

Identity Manager

Resolution

Assumption:


• IM is functioning fine with Apache Proxy 2.4 on SSL that forwards traffic to IM application.
• Bulk loader client is readily installed
• Web service is enabled for all IM tasks required by the feed.

For example,


Bulk Loader
Create User
Modify User
Delete User


• Execution of Web Services is enabled on the Identity Manager Server:


1. Configuration steps

a. Create a folder to store the bulk client keystore file:

For example, create sslkeystore folder under

\CA\Identity Manager\Bulk Loader\sslkeystore

b. Download the CA root certificate that signed the Apache proxy server cert

For example, if your apache server cert is signed by Verisign, you can go to Verisign website to download it.

c. Import the CA root certificate into the bulk client keystore:

• Navigate to the JRE bin folder to run the keytool commands

• The below command will create the keystore and import the CA root to it:

keytool -import -alias <aliasname> -file <filename> -keystore <keystore name>.jks

For example,

 

 

Note: if there is any space in the filename and path in the command, double quotes must be applied.

• Verify the <keystore name>.jks is created

d. Edit imbulkloadclient.bat under \CA\Identity Manager\Bulk Loader\bin to use SSL

Change these lines:
set TRUSTSTORE=%HOMEDRIVE%%HOMEPATH%\.imbulkloadclientkeystore
set TRUSTSTORE_PASSWORD=changeit

to:
set TRUSTSTORE=..\<keystore folder>\<keystore name>.jks
set TRUSTSTORE_PASSWORD=<password you typed during the import>

For example,

set TRUSTSTORE=..\sslkeystore\imbulkloadclientkeystore.jks
set TRUSTSTORE_PASSWORD=Secret@1

e. Verify details in imbulkloadclient.properties under \CA\Identity Manager\Bulk Loader\conf

Ensure the attribute of the unique identifier is the same between the feed file and the imbulkloadclient.properties.

For example, if the feed file has unique user id as %USER_ID%, the uniqueIdentifierAttrName in imbulkloadclient.properties file must also be %USER_ID%

 


2. Run the bulk loader client
Note: You must set a batch/chunk size when using Bulk Load Client for faster processing. The recommended batch size is 100.

For example:


imbulkloadclient.bat -f CSV -i C:\feeder_file.csv -b 100

 

Attachments

1558719594814000041064_sktwi1f5rjvs16vde.png get_app
1558719592818000041064_sktwi1f5rjvs16vdd.png get_app
1558719590896000041064_sktwi1f5rjvs16vdc.png get_app
1558719588999000041064_sktwi1f5rjvs16vdb.png get_app
Powered by Wolken Software