Setup CA Identity Manager corporate user store over SSL
search cancel

Setup CA Identity Manager corporate user store over SSL

book

Article ID: 9305

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

We are having issues connecting to the corporate user store over  port 636 even after the SSL Certificate was imported correctly. 

Environment

14.1

Resolution

Step 1)

Confirm that the SSL Cert is indeed correctly imported. To verify make sure the steps below were followed. 

(Example uses CA Directory).

 

Note: In this example the Java is version jdk1.7.0_75 and the JAVA_HOME is set to C:\Program Files\Java\jdk1.7.0_75\jre

 

Navigate to the follow directory:

C:\Program Files\CA\Directory\dxserver\config\ssld\personalities

Example Certificate in PEM format: corporateuserstore.pem

 

Open up CMD as administrator.

Execute

cd C:\Program Files\Java\jdk1.7.0_75\bin

 

Next:

Stop application server

 

Next Execute:

keytool -keystore "C:\Program Files\Java\jdk1.7.0_75\jre\lib\security\cacerts" -import -file "C:\Program Files\CA\Directory\dxserver\config\ssld\personalities\corporateuserstore.pem" -trustcacerts -alias CADIRTrusted

 

 

Step 2)

Verify that the connection was switched to a secure connection. This will throw an error if it isn't switched. To do this on a new creation - Go to IM Management Console > Home › Directories › New Directory > Enter in proper environment credentials and name > Make sure to check off "Secure Connection" > Click Next.

 

If it is an old directory you need to export the directory.xml and update the field "secure" to "true".

Once updated save it and import the directory.xml file. Be sure to keep a backup of the file.