Increasing Success when Configuring TLS/SSL on CA Performance Center (CAPC)

Document ID : KB000044193
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction: 

When configuring TLS/SSL on CAPC, there are two main areas where people run into difficulty:

1) Configuration changes to the necessary files/sso settings

2) Problems with certificates (incorrect files, not all the correct files, etc.)


Environment:
  

CA Performance Center, all versions

Instructions: 

It can help to first get up and running on self signed certificates.
This way we can tell that the certificates are OK, and any problems point to a configuration issue.

 

When configuring CAPC to use self signed certificates:

 

1) Use the same keystore/private key passwords you would use when converting the self signed certificate to signed
     or installing a provided key/certificate.

 

2) After getting up and running on the self signed certificates:

 

a) Back up the /opt/CA/PerformanceCenter/jetty/etc/keystore file


b) Back up the /opt/CA/jre/lib/security/cacerts file.

 

            If issue occur when changing to the signed certificates,  if you have not changed any of the files that contain the
             keystore/private key passwords all you would need to do is restore these files and restart the CAPC services to
             restore service.

 

Then after confirming that CAPC is running on Self Signed certificates, then convert the self signed certificate to signed
or install a provided key/certificate.

After installing the new certificates, restart he CAPC services.