Previous Topic: Deploy the New CertificatesNext Topic: Implement Custom Certificates in OpenAPI

Administration GuideCustom CertificatesImplement Custom Certificates on Active Agents

Implement Custom Certificates on Active Agents

You can implement custom certificates on active agents without reinstalling the agents.

Follow these steps:

  1. Stop CA iTechnology iGateway on CA User Activity Reporting Module server.
  2. Navigate to /opt/CA/SharedComponents/iTechnology.
  3. Open the AgentManager.conf file.
  4. Navigate to the <Certificate> tag and replace the current certificate name with the custom certificate name in AgentCert.cer.
  5. Navigate to the <KeyFile> tag and replace the current certificate key with the custom certificate key in AgentCert.key.
  6. Start CA iTechnology iGateway.
  7. Navigate to /opt/CA/ELMAgent/bin on the agent.
  8. Rename the AgentCert.cer file to AgentCert.cer_bak, and AgentCert.key file to AgentCert.key_bak to take a backup of the existing certificate.
  9. Navigate to $IGW_LOC folder on CA User Activity Reporting Module server and copy the custom certificate files.
  10. Navigate to /opt/CA/ELMAgent/bin on the agent.
  11. Copy the custom certificate files and rename them to AgentCert.cer and AgentCert.key.
  12. Execute the following commands to change the ownership of the AgentCert.cer and AgentCert.key files to caelmservice:caelmservice: 
    Chown caelmservice:caelmservive AgentCert.cer
Chown caelmservice:caelmservive AgentCert.key
  13. Restart the agent.
  14. Verify that there are no errors in the agent, connectors, and dispatcher logs.