Previous Topic: Modifying SQL Queries for Certain Endpoint Types

Next Topic: Register CA GovernanceMinder on the CA User Activity Reporting Module Server

Configuration GuideIntegrating CA GovernanceMinder with Other CA ProductsCA User Activity Reporting Module IntegrationCreate a CA User Activity Reporting Module Security Certificate

Create a CA User Activity Reporting Module Security Certificate

To allow CA GovernanceMinder to communicate with CA User Activity Reporting Module, create a CA User Activity Reporting Module security certificate and update the keystore with the new certificate.

Note: The following steps are specifically for Internet Explorer 8. If you use another browser, see that browser's documentation on creating a security certificate.

Create a CA User Activity Reporting Module security certificate in the keystore of the CA GovernanceMinder server

  1. From the CA GovernanceMinder server, use Internet Explorer to log in to the CA User Activity Reporting Module API portal. Use the following URL to access the API portal:

    https://calm_hostname:port/spin/calmapi/calmapi.csp

    A security certificate error appears.

  2. Click Continue to this website.

    A certificate error button appears to the right of the browser's address bar.

  3. Click Certificate Error, View certificates.

    The Certificate dialog appears and displays information about the CA User Activity Reporting Module security certificate.

  4. Click the Details tab and select Copy to File.

    The Certificate Export Wizard appears.

  5. Export the certificate using the wizard, as follows:
    1. In the Export Format screen, select Base-64 encoded X.509 (.CER).
    2. Set the file name for the certificate to 'elm_cer.cer'.
    3. Click Finish.

    The certificate is saved on the CA GovernanceMinder server.

  6. Update the keystore with the certificate, as follows:
    1. Open a command prompt on the CA GovernanceMinder server.
    2. Navigate to the directory that contains the exported certificate.
    3. Enter the following command: 
      “%JAVA_HOME%\bin\keytool.exe” -import -file “pathname_cer” -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -trustcacerts

      where pathname_cer is the pathname of the exported certificate.

      You are prompted for a password.

    4. Enter the following password, or the default cacerts password for your system:

      'changeit'

    5. At the Trust this certificate? prompt, enter y and press Enter.

    The CA User Activity Reporting Module certificate is installed in the keystore.

  7. Verify that the new certificate appears, as follows:
    1. Enter the following command: 
      “%JAVA_HOME%\bin\keytool.exe” -list -keystore "%JAVA_HOME%\jre\lib\security\cacerts"
    2. Enter the cacerts password.

      A list of certificates appears.

    3. Verify that the new certificate appears in the list.
  8. Restart the application server hosting CA GovernanceMinder.