Administration GuideCustom Certificates › Deploy the New Certificates

Previous Topic: Add the Certificate Common Name to an Access Policy

Next Topic: Accessibility Features

Deploy the New Certificates

CA Enterprise Log Manager uses two certificates. You can replace one or both of the predefined certificates with custom certificates. To deploy new certificates, you log on to the soft appliance, stop iGateway, add the new certificates, modify the respective configuration files, and then restart iGateway.

Before you deploy new certificates, verify that:

To deploy the new certificates

  1. Access the host where the CA Enterprise Log Manager server is installed.
  2. Use your caelmadmin credentials to log on to the CA Enterprise Log Manager server.
  3. At the command prompt, switch users to root, that is: 
    su - root
  4. Change directories to /opt/CA/SharedComponents/iTechnology with the following shortcut: 
    cd $IGW_LOC
  5. Stop iGateway: 
    ./S99igateway stop
  6. To replace CAELMCert.cer:
    1. Copy the custom ApplicationNameCert.cer certificate and the ApplicationNameCert.key key file into the iTechnology directory.
    2. Open the CALM.cnf file. Replace the certificate name with the new name.
    3. Replace the existing key file name with the new key file name.
  7. To replace CAELM_AgentCert.cer:
    1. Copy the custom ApplicationName_AgentCert.cer certificate and the ApplicationName_AgentCert.key key file into the iTechnology directory.
    2. Open the AgentManager.conf file. Replace the certificate name with the new name.
    3. Replace the existing key file name with the new key file name.
  8. Start iGateway. 
    ./S99igateway start

    All agents installed after this deployment automatically use the custom certificate, if CAELM_AgentCert.cer was replaced.