How to configure bulk loader client on Apache SSL proxy server
search cancel

How to configure bulk loader client on Apache SSL proxy server


Article ID: 41064


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On



This techdoc presents steps to setup bulk loader client in an IdentityMananger (IM) application that has an SSL Apache proxy server in front. If your IM application is setup on SSL directly, please refer to this techdoc in CA Communities website:



Release: CAIDMB99000-12.6.5-Identity Manager-B to B



• IM is functioning fine with Apache Proxy 2.4 on SSL that forwards traffic to IM application.
• Bulk loader client is readily installed
• Web service is enabled for all IM tasks required by the feed.

For example,

Bulk Loader
Create User
Modify User
Delete User


<Please see attached file for image>


• Execution of Web Services is enabled on the Identity Manager Server:


<Please see attached file for image>

1. Configuration steps

a. Create a folder to store the bulk client keystore file:

For example, create sslkeystore folder under

\CA\Identity Manager\Bulk Loader\sslkeystore

b. Download the CA root certificate that signed the Apache proxy server cert

For example, if your apache server cert is signed by Verisign, you can go to Verisign website to download it.

c. Import the CA root certificate into the bulk client keystore:

• Navigate to the JRE bin folder to run the keytool commands

• The below command will create the keystore and import the CA root to it:

keytool -import -alias <aliasname> -file <filename> -keystore <keystore name>.jks

For example,


<Please see attached file for image>


Note: if there is any space in the filename and path in the command, double quotes must be applied.

• Verify the <keystore name>.jks is created

d. Edit imbulkloadclient.bat under \CA\Identity Manager\Bulk Loader\bin to use SSL

Change these lines:
set TRUSTSTORE=%HOMEDRIVE%%HOMEPATH%\.imbulkloadclientkeystore

set TRUSTSTORE=..\<keystore folder>\<keystore name>.jks
set TRUSTSTORE_PASSWORD=<password you typed during the import>

For example,

set TRUSTSTORE=..\sslkeystore\imbulkloadclientkeystore.jks

e. Verify details in under \CA\Identity Manager\Bulk Loader\conf

Ensure the attribute of the unique identifier is the same between the feed file and the

For example, if the feed file has unique user id as %USER_ID%, the uniqueIdentifierAttrName in file must also be %USER_ID%


<Please see attached file for image>


2. Run the bulk loader client
Note: You must set a batch/chunk size when using Bulk Load Client for faster processing. The recommended batch size is 100.

For example:

imbulkloadclient.bat -f CSV -i C:\feeder_file.csv -b 100


1558719594814000041064_sktwi1f5rjvs16vde.png get_app
1558719592818000041064_sktwi1f5rjvs16vdd.png get_app
1558719590896000041064_sktwi1f5rjvs16vdc.png get_app
1558719588999000041064_sktwi1f5rjvs16vdb.png get_app