Connector GuidesConnectors GuideConnecting to EndpointsOS/400 ConnectorOS/400 InstallationHow to Secure Your Information (Optional) › Configure CA IAM CS

Previous Topic: Assign the Server Certificate to Your OS/400 Applications

Next Topic: Password Synchronization Agent

Configure CA IAM CS

If you are using a certificate from one of the following CAs, you do not need to perform this step:

If, you are using a certificate from a different CA, you must configure CA IAM CS. If you use the same certificate for each OS/400 system, you will perform these steps only once.

Follow these steps:

  1. Stop the CA IAM CS service.
  2. Copy the CA certificate from your certificate authority to the directory where the connector client certificate keystore is located. Refer to the server_jcs.properties for the setting of connectorManager.connectorClientCertStore to determine the location of the connector client certificate keystore. The default value is set to ../conf/ssl.keystore.
  3. Open a DOS screen and change the DOS prompt to the directory where the connector client certificate keystore is located. For example, 
    cd C:\Program Files\CA\Identity Manager\Connector Server\conf\
  4. Issue the following command to import the CA certificate into the CA certificate store for Java: 
    ..\..\bin\keytool -import -alias "eTrust Admin CA Certificate" -file 
certificate_name.cer -keystore ssl.keystore
    1. Enter the default password secret (if it has not been changed) at the "Enter a keystore password" prompt.

      Note: You can use bin\ ldaps_password.bat utility to change the keystore's password.

    2. Enter yes at the "Trust this certificate" prompt.
  5. Restart CA IAM CS service.