How do you transfer CAPCs HTTPS certificate to CABI on Linux

Document ID : KB000106311
Last Modified Date : 13/07/2018
Show Technical Document Details
Question:
What are the steps & commands to transfer CAPC's HTTPS certificate over to CABI on Linux?
Answer:
Note: All directories and passwords are default values.  You may need to change these to fit your environment:

1. Find the CAPC server certificate's alias:
 
/opt/CA/jre/bin/keytool -list -v -keystore /opt/CA/PerformanceCenter/jetty/etc/keystore_file.ks -storepass changeit

2. Export CAPC's server certificate using found alias:
/opt/CA/jre/bin/keytool -exportcert -keystore /opt/CA/PerformanceCenter/jetty/etc/keystore_file.ks -storepass changeit -alias capc -file capccert.cer

3. Transfer the CAPC server certificate over to the CABI system

4. Import the CAPC server certificate into the CABI Java keystore:

 
/opt/CA/SharedComponents/CA\ Business\ Intelligence/java/bin/keytool -importcert -keystore /opt/CA/SharedComponents/CA\ Business\ Intelligence/java/lib/security/cacerts -storepass changeit -alias capc -file capccert.cer

 
Additional Information:
The CN or SAN entry in the certificate MUST match what you put in for the CAPC system name.  For example, if you use the system ip address when configuring the CABI <> CAPM integration and the ip address does not exist in the CAPC server certificate, the communication attempt will fail.