Generating self-signed certificates
BMC Atrium Single Sign-On is installed with a self-signed certificate: an identity certificate that is signed by the same entity whose identity it certifies.
A self-signed certificate is used in the following instances:
- By the initial keystore created during installation of BMC Atrium Single Sign-On
- For configuring Secure Sockets Layer (SSL) connection between the agent and the BMC Atrium Single Sign-On server
To create a new self-signed certificate
Run the following command:
For Microsoft Windows:
keytool -export -alias tomcat -keystore %CATALINA_HOME%\conf\keystore.p12 -file %CATALINA_HOME%\conf\mykey.cer -storetype pkcs12 -storepass keystore_password -providername JsafeJCE
Example:
C:\Users\>keytool -export -alias tomcat -keystore keystore.p12 -file mykey.cer -storetype pkcs12 -storepass keystore_password -providername JsafeJCE
Certificate stored in file <mykey.cer>
For UNIX:
keytool -export -alias tomcat -keystore $CATALINA_HOME/conf/keystore.p12 -file $CATALINA_HOME/conf/mykey.cer -storetype pkcs12 -storepass keystore_password -providername JsafeJCE
After you create a self-signed certificate, browsers and other programs issue warnings to users about an insecure certificate each time the user authenticates. You can prevent the certificate warning by permanently importing the self-signed certificate into the user's truststore. For more information, see Importing-a-certificate-into-cacerts-p12.
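Before the exported mykey.cer is imported into a truststore, it can be checked against the definition given at the top of this page (issuer and subject are the same entity, and the signature verifies under the certificate's own key) and its fingerprint recorded for comparison with the server's copy. The shell functions below are an added example, not part of the BMC documentation; they assume the openssl CLI is installed, and the sample certificate, its CN and the function names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not BMC code). Assumes the openssl CLI is installed.

# keytool -export writes binary DER unless -rfc is given; detect which we have.
cert_form() {
  if grep -q -- '-----BEGIN CERTIFICATE-----' "$1" 2>/dev/null
  then echo PEM; else echo DER; fi
}

# Returns 0 only if issuer == subject AND the signature verifies under the
# certificate's own public key; 1 if not self-signed; 2 if unreadable.
is_self_signed() {
  form=$(cert_form "$1")
  subj=$(openssl x509 -inform "$form" -in "$1" -noout -subject_hash 2>/dev/null) || return 2
  issr=$(openssl x509 -inform "$form" -in "$1" -noout -issuer_hash 2>/dev/null) || return 2
  [ "$subj" = "$issr" ] || return 1
  pem=$(mktemp) || return 2
  openssl x509 -inform "$form" -in "$1" -out "$pem" 2>/dev/null
  # -check_ss_sig forces the self-signature check, which verify skips by default.
  if openssl verify -check_ss_sig -CAfile "$pem" "$pem" 2>/dev/null | grep -q ': OK$'
  then rc=0; else rc=1; fi
  rm -f "$pem"
  return "$rc"
}

# SHA-256 fingerprint, to compare out-of-band against the server's keystore entry.
cert_fingerprint() {
  openssl x509 -inform "$(cert_form "$1")" -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Constructed sample: throwaway self-signed certificate saved as DER, standing in
# for the mykey.cer exported above (CN and paths are made up for the demo).
make_sample() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=sso.example.test" \
    -keyout "$1/sample.key" -out "$1/sample.pem" 2>/dev/null &&
    openssl x509 -in "$1/sample.pem" -outform DER -out "$1/mykey.cer"
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir"
if is_self_signed "$demo_dir/mykey.cer"; then
  echo "self-signed; SHA-256 $(cert_fingerprint "$demo_dir/mykey.cer")"
else
  echo "not self-signed or unreadable; do not import"
fi
rm -rf "$demo_dir"
```

To check a real export, call `is_self_signed` and `cert_fingerprint` with the path to the exported file in place of the constructed sample.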