Previous Topic: Import QueriesNext Topic: Register CA GovernanceMinder on the CA User Activity Reporting Server

Scenario GuideScenario OverviewIntegrating CA User Activity Reporting with CA GovernanceMinderHow to Integrate CA User Activity Reporting with CA GovernanceMinderCreate a Security Certificate

Create a Security Certificate

To enable CA GovernanceMinder to communicate with CA User Activity Reporting, create a security certificate and update the keystore with the new certificate.

Note: The following steps are specifically for Internet Explorer 8. If you use another browser, see that browser's documentation on creating a security certificate.

Follow these steps:

  1. From the CA GovernanceMinder server, open a browser to log in to the CA User Activity Reporting API portal and enter the following URL: 
    https://calm_hostname:port/spin/calmapi/calmapi.csp

    A security certificate error appears.

    calm_hostname:port

    Specifies the CA User Activity Reporting server host name and communications port.

  2. Click Continue to this website.

    A certificate error button appears to the right of the browser's address bar.

  3. Click Certificate Error, View certificates.

    The Certificate dialog appears and displays information about the security certificate.

  4. Click the Details tab and select Copy to File.

    The Certificate Export Wizard appears.

  5. Export the certificate using the wizard, as follows:
    1. In the Export Format screen, select Base-64 encoded X.509 (.CER).
    2. Set the file name for the certificate to 'elm_cer.cer'.
    3. Click Finish.

    The certificate is saved on the server.

  6. Update the keystore with the certificate, as follows:
    1. Open a command prompt and navigate to the directory that contains the exported certificate.
    2. Enter the following command: 
      “%JAVA_HOME%\bin\keytool.exe” -import -file “pathname_cer” -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -trustcacerts

      Where pathname_cer is the pathname of the exported certificate.

      You are prompted for a password.

    3. Enter the following password, or the default cacerts password for your system:

      'changeit'

    4. Enter y at the prompt and click Enter.

      The certificate is installed in the keystore.

  7. Verify that the new certificate appears, as follows:
    1. At a command prompt on the server hosting computer, enter the following command: 
      “%JAVA_HOME%\bin\keytool.exe” -list -keystore "%JAVA_HOME%\jre\lib\security\cacerts"
    2. Enter the cacerts password.

      A list of certificates appears.

    3. Verify that the new certificate appears in the list.
  8. Restart the application server.

    You have created a security certificate and update the keystore with the new certificate.

    Next, you register CA GovernanceMinder on the CA User Activity Reporting server.