> take a backup of tomcat\conf directory and server.xml file.
> keytool -genkey -alias tomcat -keyalg RSA -sigalg SHA1withRSA -keysize 2048 -keystore keystore.p12 -storepass internal4bmc -storetype pkcs12 -providername JsafeJCE
> keytool -v -certreq -alias tomcat -keystore keystore.p12 -storepass internal4bmc -storetype pkcs12 -file asso.csr
> sign the new generated .csr file in Active Directory and they will provide two files .CER and .P7B
> keytool -v -importcert -trustcacerts -alias tomcat -keyalg RSA -keystore keystore.p12 -storepass internal4bmc -storetype pkcs12 -providername JsafeJCE -file asso.p7b
- After importing the certified certificate into keystore.p12, make another copy of keystopre.p12 and name the new file as cacerts.p12
- Copy both the keystore.p12 and cacerts.p12 into <asso tomcat>\conf directory after renaming the existing files in that directory.
- Make sure to update server.xml file to point to the new copied files with a correct password.
- Stop ASSO tomcat service
- Start ASSO tomcat service. Wait for 2 minutes or so to start ASSO tomcat service.
- Access ASSO URL in a browser after clearing its cache, you should be able to see the ASSO site without any SSL warning message.
- Once this is done, delete the Midtier agents from ASSO admin console one by one.
- Re-integrate Midtier agent with ASSO server. run ASSO setup on Midtier server to re-integrate Midtier with ASSO server.