Setup CA Identity Manager corporate user store over SSL

Document ID : KB000009305
Last Modified Date : 14/02/2018
Show Technical Document Details

We are having issues connecting to the corporate user store over  port 636 even after the SSL Certificate was imported correctly. 


Step 1)

Confirm that the SSL Cert is indeed correctly imported. To verify make sure the steps below were followed. 

(Example uses CA Directory).


Note: In this example the Java is version jdk1.7.0_75 and the JAVA_HOME is set to C:\Program Files\Java\jdk1.7.0_75\jre


Navigate to the follow directory:

C:\Program Files\CA\Directory\dxserver\config\ssld\personalities

Example Certificate in PEM format: corporateuserstore.pem


Open up CMD as administrator.


cd C:\Program Files\Java\jdk1.7.0_75\bin



Stop application server


Next Execute:

keytool -keystore "C:\Program Files\Java\jdk1.7.0_75\jre\lib\security\cacerts" -import -file "C:\Program Files\CA\Directory\dxserver\config\ssld\personalities\corporateuserstore.pem" -trustcacerts -alias CADIRTrusted



Step 2)

Verify that the connection was switched to a secure connection. This will throw an error if it isn't switched. To do this on a new creation - Go to IM Management Console > Home › Directories › New Directory > Enter in proper environment credentials and name > Make sure to check off "Secure Connection" > Click Next.


If it is an old directory you need to export the directory.xml and update the field "secure" to "true".secure.png

Once updated save it and import the directory.xml file. Be sure to keep a backup of the file.