Adding and removing a CA certificate
Adding a CA certificate is necessary in the following circumstances:
- Common Access Card (CAC) authentication is used
- The Department of Defense (DoD) issues new CA certificates
- You are using Secure Sockets Layer (SSL) with LDAP for authentication
By default, the BMC Atrium Single Sign-On TrustStore already contains the current certificates for CAC authentication.
Adding a CA certificate
To add a CA certificate, see Importing a certificate into the truststore.
Replacing the self-signed certificate on the BMC Atrium Single Sign-On server invalidates the certificates that are already accepted by users. In addition, you must install the new certificate into the truststore of all integrated BMC applications.
Removing a CA certificate
Before you remove a certificate, identify the alias of the certificate from the list of certificates.
To remove a CA certificate
- On the BMC Atrium SSO Admin Console, click Edit Server Configuration. The Server Configuration Editor is displayed.
On the Certificates tab, select TrustStore from the Certificate Store list for removing a certificate.
- Click the certificate alias to view the details before you delete the certificate.
- Select the certificate and click Delete.
- Click Save to close the Server Configuration Editor.
- Stop and restart the BMC Atrium Single Sign-On server.