- Stop the JBoss service and set the service Startup Type to Manual.
- Navigate to the following directory:
JBoss_HOME/default/deploy/IdentityMinder.ear/management_console.war/WEB-INF
- Open the web.xml file in edit mode.
- Set the <param-value>true</param-value> for the AccessFilter section and save and close.
Note: This step is required to enable the CA Identity Minder Management console.
- Start the JBoss service.
- Using a Web browser, open the CA Identity Minder Management console and click Continue.
- Click Directories, ac-dir, Export, and click then Save.
- Specify the location where you want to save the ac-dir.xml file and back up the xml file.
- Open one of the ac-dir.xml files in the edit mode and make the following changes:
<LDAP searchroot="DC=cmlab,DC=ca,DC=corp" secure="true"/>
<Connection host="KUMVI10-TEST.cmlab.ca.corp" port="636"/>
<Container objectclass="top,organizationalUnit" attribute="ou" value=""/>
- Click Directories, ac-dir, and the Update button.
- Browse to the ac-dir.xml file you edited and click Finish.
The ac-dir is updated with the new port values. Errors are noted at the bottom.
- Click Continue.
- Stop the JBoss service.
- Back up the ssl.keystore file from the following location:
JBoss _HOME/server/default/deploy/IdentityMinder.ea/custom/ppm/truststore.
- Import the certificate into the JBoss key store with the following command:
keytool -import -keystore "jBoss_HOME/server/default/deploy/IdentityMinder.ear/custom/ppm/truststore/ssl.keystore" -alias "<ALIAS NAME>" -file "<Certificate File Name>.cer"
- Enter the certificate password,“secret”.
Note: The certificate must be trusted during the import.
- Update the run.bat file with the following line:
set JAVA_OPTS=%JAVA_OPTS% -Xms256m -Xmx1408m -Djavax.net.ssl.trustStore="%SYSTEMDRIVE%\jboss-4.2.3.GA\server\default\deploy\IdentityMinder.ear\custom\ppm\truststore\ssl.keystore".
- Save the file and start JBoss.
- Using a web browser, open the CA Identity Minder Management Console.
- Go to Directory, ac-dir to check and verify that your Enterprise Management environment is connecting with SSL.
- Access the Enterprise Management URL with the SSL port and verify that you are able to log in to Enterprise Management.