Setup CA Identity Manager corporate user store over SSL
search cancel

Setup CA Identity Manager corporate user store over SSL


Article ID: 9305


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite


We are having issues connecting to the corporate user store over  port 636 even after the SSL Certificate was imported correctly. 




Step 1)

Confirm that the SSL Cert is indeed correctly imported. To verify make sure the steps below were followed. 

(Example uses CA Directory).


Note: In this example the Java is version jdk1.7.0_75 and the JAVA_HOME is set to C:\Program Files\Java\jdk1.7.0_75\jre


Navigate to the follow directory:

C:\Program Files\CA\Directory\dxserver\config\ssld\personalities

Example Certificate in PEM format: corporateuserstore.pem


Open up CMD as administrator.


cd C:\Program Files\Java\jdk1.7.0_75\bin



Stop application server


Next Execute:

keytool -keystore "C:\Program Files\Java\jdk1.7.0_75\jre\lib\security\cacerts" -import -file "C:\Program Files\CA\Directory\dxserver\config\ssld\personalities\corporateuserstore.pem" -trustcacerts -alias CADIRTrusted



Step 2)

Verify that the connection was switched to a secure connection. This will throw an error if it isn't switched. To do this on a new creation - Go to IM Management Console > Home › Directories › New Directory > Enter in proper environment credentials and name > Make sure to check off "Secure Connection" > Click Next.


If it is an old directory you need to export the directory.xml and update the field "secure" to "true".

Once updated save it and import the directory.xml file. Be sure to keep a backup of the file.