Generating CSRs in Windows
- On the command line, change the working directory to:
<installationDirectory>\BMC Software\AtriumSSO\tomcat\conf From the conf directory, issue the following command:
keytool -certreq -alias tomcat -keystore keystore.p12 -storepass
internal4bmc -storetype PKCS12 -providername JsafeJCEThe supplied password is the default for the BMC Atrium Single Sign-On Tomcat server. Another password might need to be supplied if the keystore has been replaced with a locally-generated file. The command generates and displays the CSR on the shell window screen:
-----BEGIN NEW CERTIFICATE REQUEST-----
MIIBmDCCAQECAQAwWDEZMBcGA1UECxMQQXRyaXVtU1NPIFNlcnZlcjEVMBMGA1UEChMMQk1DIFNv
ZnR3YXJlMSQwIgYDVQQDExtpQk1DLUpCSEJCSzEuYWRwcm9kLmJtYy5jb20wgZ8wDQYJKoZIhvcN
AQEBBQADgY0AMIGJAoGBAJABuagV7e12Yu3m0LmNWEmVE4HXrdaB+uOyZFyKLZxO2e+WX3r9vc9q
al5VQSE1yME6ml53B9sWS2RWA5d8xDPW8ppQe3dqQdf3QDDzfXQ18MmZAfraSbv6Y2Tj0Oad10Uf
c8NUXYCvKNcmdHzkabaHuTOXuhfyGyzyCgFdd/jTAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQAx
oNCBNvnbYNHD02QOIXEP4eMd9HlfJjvJHtAS6SyibMEd00mq/BD5iV1TewwkmvJRn1BjmzGXNO1c
xbasQaHN9l0+HP4X6aWfRIJtq9GOj4d9Y2wb5L6SEsgnCtnvbHDsMR0AEBLPCR7nVJ4vgQsZ9xLj
EfQB8idnyyimIfoqqQ==
-----END NEW CERTIFICATE REQUEST-----
The toolkit command output must be sent to the CA for a digital signature. After the signed identity certificate is returned, the next step is to import the signed identity certificate into the keystore where it replaces the current self-signed certificate.
Where to go from here
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*