Out of support This documentation supports the 8.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Obtaining and importing CA certificates

By default, BMC Atrium Single Sign-On is installed with a self-signed certificate. Although valid, this certificate causes warning messages when users access the server to perform authentication. The warning messages occur because the certificate is not signed by a CA.

To obtain and import a CA signed identity certificate

  1. Generate a Certificate Signing Request (CSR).
     The CSR must be sent to a CA to be digitally signed and returned. The CA signs the CSR using a private key which validates the server's identity and returns a signed identity certificate.
    See either Generating-CSRs-in-Windows or Generating-CSRs-in-UNIX
  2. Import the CA certificate into the BMC Atrium Single Sign-On Tomcat server keystore.
    See either Importing-CA-certificates-in-Windows or Importing-CA-certificates-in-UNIX
  3. Stop and restart the Tomcat server.

  4. Update all integrated application truststores with the new public key.

    Note

    The new CA certificate does not take effect until the Tomcat server is restarted.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*