Page tree
Skip to end of metadata
Go to start of metadata

By default, Infrastructure Management uses a default keystore BMC Atrium CMDB SSL certificate to establish a secure connection when BMC Atrium Explorer is launched.

If you want to use a customized keystore SSL certificate instead of the default, you must import the certificate before you can cross launch into BMC Atrium CMDB. Perform the following procedure.

To verify the BMC Atrium CMDB SSL certificate

  1. Open a command prompt.
  2. Change to the following directory:
    installationDirectory\pw\jre\bin
    The variable installationDirectory is the location where you installed the BMC TrueSight Infrastructure Management Server.
  3. Run the following command to list the certificates that are in the keystore.

    keytool -list -keystore <installationDirectory>\pw\pronto\conf\pnserver.ks
    The above keystore location is the default used by Infrastructure Management. This filename is configured in the file <installationDirectory>\pw\pronto\conf\pronet.conf with the parameter pronet.jserver.ssl.keystore.filename=pnserver.ks.
  4. When prompted for the keystore password, enter the value get2net, which is the default keystore password used by Infrastructure Management.
    This password is configured in the password file <installationDirectory>\pw\pronto\conf\.ks_pass with the parameter pronet.jserver.keystore.passwd=get2net.
    The password file is configured in the file <installationDirectory>\pw\pronto\conf\pronet.conf with the parameter pronet.jserver.ssl.keystore.passwdfile=.ks_pass.


  5. The following alias names should be included in the resulting certificates list.
    .bmcatriumwsclient

    .bmcatriumwsserver

    .bmcatriumserverssl

    The certificates should correspond with the values as deployed by BMC Atrium web services.

  6. If the alias names are not found, then import the SSL certificates from the BMC Atrium CMDB that you are integrating with.
    By default, the certificates are located in the installationDirectory/AtriumCore/wsc/atriumws81/keystores directory.
    You can find this location in conf/server.xml of the Apache Tomcat server where the BMC Atrium web services is deployed in configuration for SSL connector:

    <Connector SSLEnabled="true" clientAuth="false" keyAlias="bmcatriumwsserverssl" keystoreFile="C:\Program Files\BMC Software\AtriumCore\wsc\atriumws81\keystores\bmcatriumwsserverssl.jks" keystorePass="atrium" maxThreads="150" port="443" protocol="HTTP/1.1" scheme="https" secure="true" sslProtocol="TLS"/>

To import a customized BMC Atrium CMDB SSL certificate

  1. Open a command prompt.
  2. Change to the following directory:
    installationDirectory\pw\jre\bin
    The variable installationDirectory is the location where you installed the BMC TrueSight Infrastructure Management Server.
  3. Run the following command to import a BMC Atrium CMDB SSL certificate. 

    keytool -import -alias <uniqueAliasName> -file <pathToCustomCertificate> -keystore <installationDirectory>\pw\pronto\conf\pnserver.ks


    The uniqueAliasName variable is the name of the file where the certificate is stored, and the pathToCustomCertificate variable is the location where the certificate that you imported is stored.
    The above keystore location is the default used by Infrastructure Management. This filename is configured in the file <installationDirectory>\pw\pronto\conf\pronet.conf with the parameter pronet.jserver.ssl.keystore.filename=pnserver.ks.

  4. When prompted for the keystore password, enter the value get2net, which is the default keystore password used by Infrastructure Management.
    This password is configured in the password file <installationDirectory>\pw\pronto\conf\.ks_pass with the parameter pronet.jserver.keystore.passwd=get2net.
    The password file is configured in the file <installationDirectory>\pw\pronto\conf\pronet.conf with the parameter pronet.jserver.ssl.keystore.passwdfile=.ks_pass.
  5. When prompted to confirm that you want to trust the certificate, enter Yes.
  6. To verify that the certificate is imported, enter the following command:

    keytool -list -keystore <installationDirectory>pw\pronto\conf\pnserver.ks


    The name of the certificate is displayed in the resulting list.

  7. Open a command prompt and enter the following command to restart the TrueSight Infrastructure Management server.

    pw system start