Setup CA Identity Manager corporate user store over SSL

Document ID : KB000009305
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

We are having issues connecting to the corporate user store over  port 636 even after the SSL Certificate was imported correctly. 

Environment:
14.1
Resolution:

Step 1)

Confirm that the SSL Cert is indeed correctly imported. To verify make sure the steps below were followed. 

(Example uses CA Directory).

 

Note: In this example the Java is version jdk1.7.0_75 and the JAVA_HOME is set to C:\Program Files\Java\jdk1.7.0_75\jre

 

Navigate to the follow directory:

C:\Program Files\CA\Directory\dxserver\config\ssld\personalities

Example Certificate in PEM format: corporateuserstore.pem

 

Open up CMD as administrator.

Execute

cd C:\Program Files\Java\jdk1.7.0_75\bin

 

Next:

Stop application server

 

Next Execute:

keytool -keystore "C:\Program Files\Java\jdk1.7.0_75\jre\lib\security\cacerts" -import -file "C:\Program Files\CA\Directory\dxserver\config\ssld\personalities\corporateuserstore.pem" -trustcacerts -alias CADIRTrusted

 

 

Step 2)

Verify that the connection was switched to a secure connection. This will throw an error if it isn't switched. To do this on a new creation - Go to IM Management Console > Home › Directories › New Directory > Enter in proper environment credentials and name > Make sure to check off "Secure Connection" > Click Next.

 

If it is an old directory you need to export the directory.xml and update the field "secure" to "true".secure.png

Once updated save it and import the directory.xml file. Be sure to keep a backup of the file.