Previous Topic: Modifying SQL Queries for Certain Endpoint TypesNext Topic: Register CA GovernanceMinder on the CA User Activity Reporting Server

Configuration GuideIntegrating CA GovernanceMinder with Other CA ProductsCA User Activity Reporting IntegrationCreate a CA User Activity Reporting Security Certificate

Create a CA User Activity Reporting Security Certificate

To communicate with CA User Activity Reporting, create a CA User Activity Reporting security certificate and update the keystore with the new certificate.

Note: The following steps are specifically for Internet Explorer 8. If you use another browser, see that browser's documentation on creating a security certificate.

Follow these steps:

  1. From the CA GovernanceMinder server, use Internet Explorer to log in to the CA User Activity Reporting API portal. Use the following URL to access the API portal:

    https://calm_hostname:port/spin/calmapi/calmapi.csp

    A security certificate error appears.

  2. Click Continue to this website.
  3. Click Certificate Error, View certificates.

    The Certificate dialog appears and displays information about the CA User Activity Reporting security certificate.

  4. Click the Details tab and select Copy to File.

    The Certificate Export Wizard appears.

  5. Export the certificate using the wizard, as follows:
    1. In the Export Format screen, select Base-64 encoded X.509 (.CER).
    2. Set the file name for the certificate to 'elm_cer.cer'.
    3. Click Finish.

    The certificate is saved on the CA GovernanceMinder server.

  6. Update the keystore with the certificate, as follows:
    1. Open a command prompt on the CA GovernanceMinder server.
    2. Navigate to the directory that contains the exported certificate.
    3. Enter the following command: 
      “%JAVA_HOME%\bin\keytool.exe” -import -file “pathname_cer” -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -trustcacerts

      where pathname_cer is the pathname of the exported certificate.

      You are prompted for a password.

    4. Enter the following password, or the default cacerts password for your system:

      'changeit'

    5. At the prompt, enter y and press Enter.

    The CA User Activity Reporting certificate is installed in the keystore.

  7. Verify that the new certificate appears, as follows:
    1. Enter the following command: 
      “%JAVA_HOME%\bin\keytool.exe” -list -keystore "%JAVA_HOME%\jre\lib\security\cacerts"
    2. Enter the cacerts password.

      A list of certificates appears.

    3. Verify that the new certificate appears in the list.
  8. Restart the application server hosting CA GovernanceMinder.