How To Import SSL Certificate from the Certificate Authority

Document ID : KB000112210
Last Modified Date : 04/09/2018
Show Technical Document Details
Introduction:
When customer received the certificate files from the CA, these are the recommended steps to import the certificate into the CA Spectrum Oneclick.
Environment:
CA Spectrum 10.2.x
OS Any
Instructions:
1. Create 3 empty files and place each certificate from the certificate file: 


From 
-----BEGIN CERTIFICATE----- 

To 

-----END CERTIFICATE----- 

2. Then run command: 

openssl x509 -in file.txt -noout -text  | egrep "(Subject:|Issuer:)" 

To identify the root certificate. 

3. Then import them using the : 

./keytool -import -alias root -keystore $SPECROOT/custom/keystore/cacerts -trustcacerts -file root_chain_certificate_filename


4. For each other file you create then run:
 
./keytool -import -alias <filealias> -keystore $SPECROOT/custom/keystore/cacerts -trustcacerts -file your_certificate_filename

(Make sure you identify the aliasname with each files to avoid confusion)

5. Then run the following and include the cer certificate they provided:

./keytool -import -alias tomcatssl -keystore $SPECROOT/custom/keystore/cacerts -trustcacerts -file your_certificate_filename

6. Cd to $Specroot/tomcat/bin

Stop Tomcat.

$SPECROOT/tomcat/bin/stopTomcat.sh

Start Tomcat.

$SPECROOT/tomcat/bin/startTomcat.sh

Additional Information:
More information About SSL Import:

https://docops.ca.com/ca-spectrum/10-2-3/en/administrating/oneclick-administration/oneclick-server-communications-and-network-configuration/configure-oneclick-for-secure-sockets-layer