AnsweredAssumed Answered

Enable https for CA SDM

Question asked by PMO-DCN on Jun 13, 2016
Latest reply on Jun 21, 2016 by Chris_Hackett

Hi Team,


We have a cluster environment of CA Service desk. We are using CA SDM 14.1 Database as cluster database and CA SDM application server as windows cluster environment with two node (localhost1 and localhost2) and there is one cluster hostname (sdcls01) and one AD alias name i.e


As client requested, we have to change the URL of CA SDM application as https. We want to provide domain certification. First i have tried with self signed. I have followed these steps on both node.


  1. Create a directory under the C: drive (or the local drive you want) with the name, certificates.
  2. Using the command line, navigate to the JRE bin directory (for the JRE installed with Service Desk - usually /SC/JRE)
  3. Run the command "keytool -genkey -alias tomcat -keyalg RSA -keystore c:/certificates/keystore.jks".

I have given First name and Last name as (as user will access the application through this name)

  1. Fill in the fields as appropriate (make sure to note what you filled in each filed as you may need this information later).
    A keystore.jks file is created in the C:\certificates\ directory


e. Open the \bopcfg\www\CATALINA_BASE\conf\server.xml file using a text editor and change the code


<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" MinSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:\certificates\keystore.jks" keystorePass="password"/>



After that It should be working for self signed. However its not working. I have also tried to give localhost in step c but its not working for even self signed. why so?

Is this mandatory to give localhost in step c? Can i give another name like so that user can use this application by typing this name



Kindly help me on this queries




Sippy Aggarwal