We have imported custom certificate in PAM however after starting PAM the agents are showing as inactive.

Document ID : KB000033625
Last Modified Date : 14/02/2018
Show Technical Document Details

After importing custom certificate in PAM, the agents status changed to inactive.
What is the correct procedure to install custom certificates?

Use following steps to import the certificate.

1. Stop PAM Service

2. To generate new keystore Open command prompt and navigate to '.JDK\bin' directory then execute following command.
   Keytool -genkey -alias <<aliasname>> -keyalg RSA -keystore <<keystorename>>

   The above command will prompt for a password to secure the c2okeystore. This password will be required in a later stage therefore lease keep a note of it.

3. Import the certificate in keystore using below command
    keytool - import - alias myalias - file certfile - keystore  "path_and_file_specification_for_keystore".

4. Copy the new keystore to <<PAM_INSTALLATION_DIRECTORY>>/server/c2o/.config/
    Don t delete the existing “c2okeystore” from <<PAM_INSTALLATION_DIRECTORY>>\server\c2o\.config

5. Go to <<PAM_INSTALLATION_DIRECTORY>>\server\c2o

6. Run the command
   PasswordEncryption.bat NEW_KEYSTORE_PASSWORD >password.txt

7. Edit and update the <<PAM_INSTALLATION_DIRECTORY>>\server\c2o\.config\OasisConfig.properties with the following entries


8. Backup current '.\PAM\server\c2o\deploy\jbossweb.sar\server.xml file OUTSIDE of PAM install directory.

Note: Don't backup the file in same folder.
9. Edit the Connector element to use non-default properties (example below has the word custom keyword added to out of the box properties)
   <Connector protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
    port="${tomcat.secure.port}" address="${jboss.bind.address}"
    maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
    scheme="https" secure="true" clientAuth="false"
    sslProtocol = "${SSL_PROTOCOL}" algorithm = "${X509_ALGORITHM}"ciphers="${jboss.ssl. ciphers}" useBodyEncodingForURI="true"   


10. Save the file and Start PAM service