How To - Configure HTTPS on SSO Server

Version 3
    Share This:





    > take a backup of tomcat\conf directory and server.xml file.

    > keytool -genkey -alias tomcat -keyalg RSA -sigalg SHA1withRSA -keysize 2048 -keystore keystore.p12 -storepass internal4bmc -storetype pkcs12 -providername JsafeJCE

    > keytool -v -certreq -alias tomcat -keystore keystore.p12 -storepass internal4bmc -storetype pkcs12 -file asso.csr

    > sign the new generated .csr file in Active Directory and they will provide two files .CER and .P7B

    > keytool -v -importcert -trustcacerts -alias tomcat -keyalg RSA -keystore keystore.p12 -storepass internal4bmc -storetype pkcs12 -providername JsafeJCE -file asso.p7b



    - After importing the certified certificate into keystore.p12, make another copy of keystopre.p12 and name the new file as cacerts.p12

    - Copy both the keystore.p12 and cacerts.p12 into <asso tomcat>\conf directory after renaming the existing files in that directory.

    - Make sure to update server.xml file to point to the new copied files with a correct password.

    - Stop ASSO tomcat service

    - Start ASSO tomcat service.  Wait for 2 minutes or so to start ASSO tomcat service.

    - Access ASSO URL in a browser after clearing its cache, you should be able to see the ASSO site without any SSL warning message.



    - Once this is done, delete the Midtier agents from ASSO admin console one by one.

    - Re-integrate Midtier agent with ASSO server.  run ASSO setup on Midtier server to re-integrate Midtier with ASSO server.