Previous Topic: Configure CA IAM Connector Server to Work Under Heavy Loads (UNIX Only)Next Topic: Java Virtual Machine Memory Errors

Identity Management ServiceConnectors GuideConfiguring CA IAM Connector ServerCustomize the Configuration for CA IAM Connector ServerSet the TLS Store Certificate Password

Set the TLS Store Certificate Password

CA IAM Connector Server uses two certificates: one for each of the following roles:

When you install CA IAM Connector Server these certificates each have a temporary password. We recommend that you update these passwords.

By default, these certificates are stored in the same keystore. However you can store them in separate keystores if you prefer.

Follow these steps:

  1. Stop CA IAM Connector Server.
  2. Open a command prompt, then change to the following directory: 
    cs_home/jcs/tools/ldaps_password
  3. Use the following command to update the password of the keystore for the server: 
    ldaps_password new-password

    This command updates the encrypted commonConfiguration.keystorePassword value in server_shared.properties.

  4. Use the following command to update the password of the keystore for the client: 
    ldaps_password new-password connectorManager.connectorClientCertStorePassword ../conf/override/server_jcs.properties

    This command updates the encrypted connectorManager.connectorClientCertStorePassword value in server_jcs.properties.

    Note: The password for the keystore is the password that you set during CA IAM Connector Server installation.

  5. Restart CA IAM Connector Server.

Note: Alternatively, you can manage the keystore using the keytool utility included in the Java Runtime Environment. This lets you install your own certificate instead of the default Provisioning Server certificate that the installer configures.