Service Operations Insight

  • Private Community

  • 1.  SOI Tech Tips: Unable to import SSL certificate manually

    Posted Jan 19, 2015 05:16 AM

    Problem:

    I am using SOI 3.2 CUM3 and trying to import SSL certificate from

    http://<SOI Manager>:7090/sam/admin/

    But certificate import fails with error

    ---------

    File uploaded successfully.

    Failed to import the certificate.

    ---------

     

    Solution:

    1. Please obtained testfix T373703 from CA support which address this problem

    2. As a workaround you can do following

    - Take a backup of ssa.jks in ..CA\SOI\tomcat\conf

    - Issue following command to import certificate

    ..\..\jre-32\bin\keytool.exe -v -importcert -storepass catalyst -file <Full_Path_Of_Certificate>\<Certificate_Name>.crt –keystore ssa.jks -trustcacerts -noprompt


    - Recycle SOI Application manager.



  • 2.  Re: SOI Tech Tips: Unable to import SSL certificate manually

    Posted Oct 08, 2015 06:24 AM

    Hello Ashay,

     

    Is the above URL the official way to do a Certificate Import? I could not find it in the Documentation

     

    Regarding the workaround:

    Is 'catalyst' just a placeholder, or is it the literal password for the keystore that SOI tomcat expects?

     

    In ../tomcat/conf/server.xml, the configuration uses variables for the password and file location:

                keystoreFile="${tomcat.keystore.file}"
                keystorePass="${tomcat.keystore.pswd}"

     

    Where are those variables set and what is their default content?

     

    Thanks

    Jan

     

     

    Brahma Britta_Hoffner



  • 3.  Re: SOI Tech Tips: Unable to import SSL certificate manually

    Posted Oct 08, 2015 06:56 AM

    Hi Jan, Official way to import certificate is using URL http://:7090/sam/admin/ But in SOI 3.2 Cum2 we had a problem to import via URL which was then fixed in SOI 3.3 version. Hence above procedure can be used as workaround if you are running on SOI 3.2 Cum3. 'Catalyst' is literally a password for key store and file which holds this is ..CA\SOI\jsw\conf\soi-manager.properties Thanks, Ashay



  • 4.  Re: SOI Tech Tips: Unable to import SSL certificate manually

    Posted Oct 08, 2015 10:04 AM

    Here is the info I got on how to manually import a certificate:

     

    Manually Import SSL Certificate:

    Open command prompt as Administrator

    CD to:  SOI\tomcat\confg

    D:\APPS\CA\SOI\tomcat\conf>..\..\jre-32\bin\keytool.exe -v -importcert -storepass catalyst -file d:\cw.alphaserveit.crt -keystore ssa.jks -trustcacerts -noprompt

    Certificate was added to keystore

    [Storing ssa.jks]



  • 5.  Re: SOI Tech Tips: Unable to import SSL certificate manually

    Posted Oct 26, 2015 12:45 AM

    Hi, This method can be used as workaround if you have SOI 3.2 Cum3 and need to import SSL Certificate for some reason and do not have T373703 patch applied. The best way it to open SOI issue with CA Support and obtain patch T373703 . Thanks, Ashay