Skip to Content
Information
Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Specifying a trust store password

This topic describes how to specify a trust store password on any of the server components. You can specify the password as plain text, or you can specify a text string that you encrypted in the Maintenance Tool.

Warning

Note

You can specify the trust store file, which is used to validate client certificates. The default is AO_Home\jvm\lib\security\cacerts.

To specify the trust store password as plain text on a server component

  1. Stop the BMC Atrium Orchestrator services.
  2. On the computer for the server component, use a text editor to open the AO_Home\tomcat\conf\server.xml file.

  3. Locate the <Connector> element that contains the HTTPS protocol information, as shown in the following sample:

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                   maxThreads="150" scheme="https" secure="true"
                   clientAuth="false" sslProtocol="TLS" />
  4. Append the following attribute to the connector element.

  5. Specify the trust store file location and the <password>:
    truststoreFile="AO_Home\jvm\lib\security\cacerts"
    truststorePass="<password>"

    In the following example, myPassw0rd is the new trust store password:

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                   maxThreads="150" scheme="https" secure="true"
                   clientAuth="false" sslProtocol="TLS" truststoreFile="C:\Program Files\BMC Software\CDP\jvm\lib\security\cacerts" truststorePass="myPassw0rd" />
  6. Save the server.xml file.
  7. Restart the BMC Atrium Orchestrator services.

    For additional information about the Apache Tomcat Servlet/JSP Container SSL Configuration, see documentation available at http://tomcat.apache.org/.

To specify an encrypted trust store password on a server component

Warning

Note

You can perform this procedure if you have installed 7.6.02 SP2 or later.

  1. Start the Maintenance Tool, as described in Using-the-Maintenance-Tool-to-encrypt-a-password.
  2. Stop the BMC Atrium Orchestrator services.
  3. Using the Maintenance Tool, encrypt a password text string, as described in Using-the-Maintenance-Tool-to-encrypt-a-password.
  4. On the computer for the server component, use a text editor to open the AO_Home\tomcat\conf\server.xml file.

  5. Locate the <Connector> element that contains the HTTPS protocol information, as shown in the following sample:

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                   maxThreads="150" scheme="https" secure="true"
                   clientAuth="false" sslProtocol="TLS" />

  6. After copying the encrypted password from the Maintenance Tool, append the following property to the connector attribute, replacing <encrypted-password> with the copied value:

               SSLImplementation="com.bmc.ao.catalina.connector.BAOSSLImplementation"
               truststoreFile="AO_Home\jvm\lib\security\cacerts"
               truststorePass="<encrypted-password>"/>

    The file should now appear similar to the example below:

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               SSLImplementation="com.bmc.ao.catalina.connector.BAOSSLImplementation"
               truststoreFile="C:\Program Files\BMC Software\CDP\jvm\lib\security\cacerts"
               truststorePass="b84f2299ca25a8040b2d022b56716490"/>
  7. Save the server.xml file.
  8. Restart the BMC Atrium Orchestrator services.

Related topic

Using-the-Maintenance-Tool-to-encrypt-a-password

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

(archive) BMC Atrium Orchestrator Platform 7.7