Out of support


This documentation supports the 8.1 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.

Click here to view the documentation for a supported version of Remedy Single Sign-On.

Using the keytool utility

You use the keytool utility to obtain a digitally signed identity certificate to replace the self-signed certificate. This utility is available with Oracle JDKs and BMC Atrium Atrium Single Sign-On.

The keytool utility must be available within the shell command environment to generate a certificate signing request (CSR) or to import a CA signed certificate.

The following topics are provided:

To verify that the keytool utility is available

  1. Open a shell command window.
  2. In the command prompt, invoke the keytool utility:
    • (For Microsoft Windows) Type keytool.exe and press Enter.
    • (For UNIX) Type keytool and press Enter.


      You can use the keytool utility from Oracle JDK Java 1.5 or 1.6.

  3. If the keytool utility is available, a help message is generated that shows the keytool options. The following help output is relevant to generating the CSR:

    -certreq [-v] [-protected]
          [-alias <alias>] [-sigalg <sigalg>]
          [-file <csr_file>] [-keypass <keypass>]
          [-keystore <keystore>] [-storepass <storepass>]
          [-storetype <storetype>] [-providername <name>]
          [-providerclass <provider_class_name> [-providerarg <arg>]] ...
          [-providerpath <pathlist>]
  4. Proceed with generating and importing CA certificates.

If the keytool utility is not available, proceed with setting up the environment. 

Configuring the environment

Before you run the keytool utility, you must initialize the environment variable path with the location of the keytool.

Update the following path:


In UNIX, the keytool program is called keytool. In Windows, the program is called keytool.exe.

  • For Windows:

    <installationDirectory>\BMC Software\AtriumSSO\jdk/bin


    PATH=<installationDirectory>\BMC Software\AtriumSSO\jdk\bin;%PATH%
  • For UNIX:

    <installationDirectory>/BMC Software/AtriumSSO/jdk/bin


    PATH=<installationDirectory>/BMC Software/AtriumSSO/jdk/bin:$PATH

Where to go from here

Generating and importing CA certificates

Was this page helpful? Yes No Submitting... Thank you