How to import a Microsoft Certificate Authority certificate into Tomcat.
Article ID: 53212
Updated On:
Products
CA IT Asset Manager
CA Software Asset Manager (CA SAM)
ASSET PORTFOLIO MGMT- SERVER
SUPPORT AUTOMATION- SERVER
CA Service Desk Manager - Unified Self Service
CA Service Desk Manager
CA Service Management - Asset Portfolio Management
CA Service Management - Service Desk Manager
Issue/Introduction
Description
This document describes the steps needed to import a certificate into Service Desk and/or CMDB Tomcat.
Solution
- Run the JRE 1.6 keytool to create the .keystore file:
D:\Program Files\CA\SC\JRE\1.6.0_00\bin>keytool -genkeypair -alias SDR12 -keyalg RSA -keystore SDR12.keystore -dname "CN=Service Desk..."
- Create the certificate request:
D:\Program Files\CA\SC\JRE\1.6.0_00\bin>keytool -certreq -keystore SDR12.keystore -alias SDR12 -file certrequest.txt.
- Submit the file "certrequest.txt" to your Microsoft Certificate Authority. It should be a BASE64 encoded certificate.
- Import the certificate (in the example below, the filename is "sd_12_new2.p7b"):
D:\Program Files\CA\SC\JRE\1.6.0_00\bin>keytool -importcert -trustcacerts -alias SDR12 -keystore SDR12.keystore -file sd_12_new2.p7b.
- Edit the server.xml file located in the following directory: NX_ROOT\bopcfg\www\CATALINA_BASE\conf.
Uncomment the SSL section and add the location of the keystore file ("SDR12.keystore" in this document).<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:\\SDR12.keystore" keystorePass="changeit" />
- Recycle Tomcat:
pdm_tomcat_nxd -c STOPpdm_tomcat_nxd -c START
- Verify you can access Service Desk through the secure port:
https://serverName:8443/.
Environment
Release:
Component: ARGIS
Component: ARGIS
Feedback
Yes
No
Powered by
