Skip to content
Skip to breadcrumbs
Skip to header menu
Skip to action menu
Skip to quick search

Register
|
Log in

Skip to end of banner Go to start of banner

Implementing private certificates in the Atrium Single Sign-On Server

Skip to end of metadata

Created by Rashmi Gokhale, last modified on Oct 07, 2020

Go to start of metadata

BMC Confidential. The following information is intended only for registered users of docs.bmc.com.

Where to go from here

When you finish securing the Atrium Single Sign-On server, you can apply this Atrium Single Sign-On server certificate to other TrueSight Operations Management components, as described in the following procedures:

You can also explore how to implement private certificates in other TrueSight Operations Management components.

11 Comments

Charles Kelley
- Permalink
- May 30, 2017
1. Rashmi Gokhale
  Hi Charles,
  Have modified the statement that conveys that if there are any existing ASSO certificate aliases delete them.
  Thanks,
  Rashmi
  Permalink
  
  Sep 13, 2017
Charles Kelley
- Permalink
- May 30, 2017
1. Rashmi Gokhale
  Permalink
  
  Jun 07, 2017
Mahesh Darekar
In Steps 7 and 8
Do you know why do we need to change filename from keystore-update.p12 to keystore-update.ks without any reason? Is this typo?
- To verify that tomcat alias is created, list the keystore file by running the following command:
  Verify the alias entry by listing the keystore file
  keytool -list -keystore keystore-update.ks -storepass changeit -storetype JKS
- Permalink
- Sep 08, 2017
1. Rashmi Gokhale
  Hi Mahesh,
  Thanks for the observation. I have fixed the typo.
  Thanks,
  Rashmi
  Permalink
  
  Sep 13, 2017
Benarjee Tumati
There are some errors in the document, I have followed the below link where
Johann Groenewald has clear instructions in the comments on how to do that.

https://docs.bmc.com/docs/display/public/sso90/Creating+a+new+key+pair
- Permalink
- Sep 20, 2017
1. Rashmi Gokhale
  Hi Tumati,
  Thank you for the feedback.
  I checked the instructions provided by Johann on the SSO page. Have corrected the store type as PKCS12.
  Regarding the key pair generation instruction when SSO is in high availability mode, I will check with an SME and update the instruction.
  Thanks,
  Rashmi
  Permalink
  
  Oct 04, 2017
David k Hill
A couple of questions:
Based on these instructions, I am assuming that the Atrium SSO is already configured to look for these specific paths, keystore filename and keystore alias "tomcat". We have a single keystore that manages several certificates and have to have a specific keyalias defined in the tomcat server.xml to make sure we getting the right on in the keystore. Managing several certificates in several keystores on multiple servers will become an administrator's nightmare.
Can you include steps on how to configure the tomcat server.xml file outside of using the defaults?
- Permalink
- Jul 13, 2020
1. Rashmi Gokhale
  Hi,
  Thanks for your feedback. I will discuss this with the SME and get back to you.
  Thanks,
  Rashmi
  Permalink
  
  Jul 15, 2020
  1. Rashmi Gokhale
    Hi,
    I have created a JIRA - https://jira.bmc.com/browse/DRTSA-504 to track this, and have sent an email. Closing this thread here.
    
    Thanks,
    Rashmi
    
    Permalink
    
    Dec 04, 2020