Some insights on this issue:
CA Technologies ships our product with our self signed certificate, but we do let customers the ability to import their own.
There is a way for customers to import their keys into our keystore and it is documented here - > https://cawiki.ca.com/pages/viewpage.action?pageId=718249398
Once the key is imported its name, needs to be configured in IntroscopeEnterpriseManager.properties using the hidden property:
or, you could just replace the key named ‘spprivatekey’ in the keystore, then you don’t need to update IntroscopeEnterpriseManager.properties file.
There is a way to disable our signing and send the request. The parameter (hidden) that can be configured.
sends our requests without signing.