Smkeydatabase : How to Rebuild the Smkeydatabase for Federation

Document ID : KB000022364
Last Modified Date : 14/02/2018
Show Technical Document Details

Question :

The smkeydatabase I am running on the Policy Server is corrupted as I cannot export any keys from it, nor certificate. What should I do to recreate it ? I have the original certificate and its key with me.

Answer :

Here's a sample of the steps to follow to get new smkeydatabase on a Unix system :

  # cd siteminder_home   
  # tar -cvf smkeydatabase.tar smkeydatabase/   
  # cd bin/   
  # ./smkeytool.sh -deleteDB   
  Y   
  # ./smkeytool.sh -createDB -password password_of_your_choice -importdefaultCACerts   
  # ./smkeytool.sh -addPrivKey -alias defaultenterpriseprivatekey   
  -keyfile your_key_file -certfile your_cert_file   
  -password password_of_your_choice   
  # ./smkeytool.sh -addCert your_CA   
  # ./smkeytool.sh -listcerts  

and this last command should give you the listing of all certificates entered in the smkeydatabase.