Out of support This documentation supports the 8.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Generating CSRs in Windows


  1. On the command line, change the working directory to:

    <installationDirectory>\BMC Software\AtriumSSO\tomcat\conf
  2. From the conf directory, issue the following command: 


    keytool -certreq -alias tomcat -keystore keystore.p12 -storepass
    internal4bmc -storetype PKCS12 -providername JsafeJCE

     The supplied password is the default for the BMC Atrium Single Sign-On Tomcat server. Another password might need to be supplied if the keystore has been replaced with a locally-generated file. The command generates and displays the CSR on the shell window screen:


    -----BEGIN NEW CERTIFICATE REQUEST-----
    MIIBmDCCAQECAQAwWDEZMBcGA1UECxMQQXRyaXVtU1NPIFNlcnZlcjEVMBMGA1UEChMMQk1DIFNv
    ZnR3YXJlMSQwIgYDVQQDExtpQk1DLUpCSEJCSzEuYWRwcm9kLmJtYy5jb20wgZ8wDQYJKoZIhvcN
    AQEBBQADgY0AMIGJAoGBAJABuagV7e12Yu3m0LmNWEmVE4HXrdaB+uOyZFyKLZxO2e+WX3r9vc9q
    al5VQSE1yME6ml53B9sWS2RWA5d8xDPW8ppQe3dqQdf3QDDzfXQ18MmZAfraSbv6Y2Tj0Oad10Uf
    c8NUXYCvKNcmdHzkabaHuTOXuhfyGyzyCgFdd/jTAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQAx
    oNCBNvnbYNHD02QOIXEP4eMd9HlfJjvJHtAS6SyibMEd00mq/BD5iV1TewwkmvJRn1BjmzGXNO1c
    xbasQaHN9l0+HP4X6aWfRIJtq9GOj4d9Y2wb5L6SEsgnCtnvbHDsMR0AEBLPCR7nVJ4vgQsZ9xLj
    EfQB8idnyyimIfoqqQ==
    -----END NEW CERTIFICATE REQUEST-----

     

    The toolkit command output must be sent to the CA for a digital signature. After the signed identity certificate is returned, the next step is to import the signed identity certificate into the keystore where it replaces the current self-signed certificate. 

    Note

    The Common Name (CN) of the certificate cannot be modified because the CN must match the host name of the server. If the names do not match, the browser issues a warning that the server is trying to impersonate another site.

Where to go from here

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*