Previous Topic: Preparing to Upgrade the Enterprise Management ServerNext Topic: How to Upgrade from CA ControlMinder r5.3

Upgrade GuideUpgrading Server and Endpoint ComponentsBefore You Begin to UpgradeImport the Java Connector Server SSL Certificate After Upgrade

Import the Java Connector Server SSL Certificate After Upgrade

Because of a change in the Java Connector Server (JCS) SSL certificate in CA ControlMinder r12.5 SP3, you must import a new SSL certificate after you upgrade from CA ControlMinder r12.5.x.

Important! Complete this procedure only if you used a custom JCS SSL certificate. You do not need to perform this procedure if you used the default SSL certificate.

Follow these steps:

  1. Stop the JBoss application server.
  2. Navigate to the following directory, where JBOSS_HOME indicates the directory where you installed JBoss: 
    JBOSS_HOME/server/default/deploy/IdentityMinder.ear/custom/ppm/trusttore/
  3. Back up the ssl.keystore file.
  4. From the directory you navigated to previously, open a Command Prompt window.
  5. Run the keytool utility to specify the custom SSL keystore to import, where JAVA_HOME indicates the directory where JDK is installed. For example: 
    JAVA_HOME\bin\keytool.exe -import -alias eta_client -file c:\custom_certificate.der -keystore ssl.keystore

    A password prompt appears.

  6. Enter the keystore password. The default password is secret.

    The keytool displays the certificate details and fingerprints.

  7. Type Yes to add the certificate to the keystore.

    The keytool adds the new certificate.

  8. Start the JBoss application server.

    You have loaded the new JCS SSL certificate file to CA ControlMinder Enterprise Management.