AMS fails to load configuration in ITAM 12.9 when ITAM webservices is configured for SSL (HTTPS)

Document ID : KB000017937
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

AMS fails to load configuration in ITAM 12.9 when ITAM webservices is configured for SSL (HTTPS) due to the site certificate not being configured in AMS tomcat.

Solution:

This requires some manual steps to be executed from the server where AMS is installed, as both components are in different technologies.

  1. Stop AMS service.
  2. Browse ITAM web service site using https in IE browser.
  3. Click on the website certificate which is located in IE
  4. Go to detail tab and click on 'Copy to file' button.
  5. Save the file in local box using default parameters
  6. Run the below command via command prompt to add the certificate in java security.

keytool -importcert -file "filePath" -keystore "JRE_PATH\lib\security\cacerts"

Example:

=======

keytool -importcert -file "C:\Users\Administrator\Desktop \ITAM.cer" -keystore "C:\Program Files (x86)\Java\jdk1.7.0_45\jre\lib\security\cacerts"

  1. It will ask you for cacerts password, the default password is "changeit".
  2. If above steps are successful then start the AMS service.

Open CA\SharedComponents\AMS\Tomcat\Conf\server.xml

Replace protocol="HTTP/1.1 with protocol="org.apache.coyote.http11.Http11NioProtocol" in the Connector section.