How to use SSL based CA Service Desk Manager (CA SDM) Tomcat with CA One Click?

Document ID : KB000018987
Last Modified Date : 14/02/2018
Show Technical Document Details

The document assumes that the integration works fine with non-SSL port of CA SDM and that the only thing needed is to enable SSL for the communication from CA One Click TO CA SDM

  1. Identify the SSL keystore Alias that CA SDM Tomcat is using by:

    1. Finding the file <SDM_Install_dir>\bopcfg\www\CATALINA_BASE\conf\server.xml on CA SDM server

  2. Identify the keystore file and alias of the key in the keystore file that s being used. It normally looks like:

    keystoreFile="C:\Progra~2\CA\Servic~1\bopcfg\www\CATALINA_BASE\conf\.keystore" alias="newsdmkey"


  • Export the above certificate using Java's keytool command by opening a command prompt and typing:

    keytool -list -keystore .keystore -alias newsdmkey -exportcert -file c:\sdmcertfile.cert

  • Provide c:\sdmcertfile.cert file to One Click administrator.
  • Login to One Click Administration page, select SSL Certificates option and click List to see current SSL certificates in the keystore that One Click knows of
  • Click Browse and select the c:\sdmcertfile.cert file. (Note: an alias name could be used as well)
  • Click Save, restart One Click
  • Repeat (2) to see the newly added certificate
  • Access One Click Administration -> Service Desk Configuration page and then:

    1. Provide SDM SSL Tomcat port number for SDM Web Services Port AND SSL SDM (Tomcat or an SDM Web Server) port for SDM Web Server Port options
    Ensure Enable SSL option is selected
  • Test the connection and save it after the Test is successful.

Note: Couple of other options to identify the SSL certificate of SDM tomcat engine:

  1. Work with the site SSL administrator to get hold of the SSL certificate. This certificate could then be imported to the One Click keystore (follow steps 4 through 8)
  2. Another option is to try Saving the certificate using a browser by

    1. Login SDM SSL Tomcat URL (ex: https://sdmhost:8443/CAisd/pdmweb.exe)

  3. Click on the SSL button or the LOCK icon on the browser URL

  • A browser would launch certificate details option (more details or certificate details)

  • Click View Certificates

  • Go to the Details tab

  • Select Copy to File or Export options

  • Save it to a file on the machine where the Java program needs to be run (ex: c:\CA_SDM_Tomcat_CertFile.cer )