You can deactivate the SSL configuration if you no longer require SSL. For example, if back channel authentication is no longer required or you no longer want an SSL connection to the UI you can deactivate SSL.
Note: If you reconfigure a Windows system with SSL enabled, deactivate the SSL configuration before reconfiguring your system. Reactivate SSL after the reconfiguration is complete.
Follow these steps:
A confirmation prompt is displayed asking if you want to disable SSL.
federation_install_dir/secure-proxy/SSL/keys
Deactivating SSL for the Administrative UI does not delete the corresponding key store file. If you change the UI SSL certificate for any reason, the certificate is not updated, which results in CA SiteMinder® Federation Standalone using the wrong certificate. Deleting the Tomcat key store helps ensure that any updates you make to the SSL certificate are reflected.
Use the stop and start shortcuts as follows. If you logged in as a network user and not a local administrator, right-click the shortcut and select Run as administrator.
a. Open a command window.
b. Run the following scripts:
federation_install_dir/fedmanager.sh stop
federation_install_dir/fedmanager.sh start
Note: Do not stop and start the services as the root user.
The SSL connection is no longer active and the SSL Configuration Status setting changes to Server cert signed by CA, SSL ready. The certificate and key files remain so you can re-enable SSL.
|
Copyright © 2013 CA.
All rights reserved.
|
|