Applies to: Seclore Policy Server, Active Directory.



Pre-requisites:

1.Deployed Policy Server.

2.SSL Certificate of AD (It's extension should be .cer).

 

Please refer to the following URL to export the SSL certificate of Active  Directory.

http://www.linuxmail.info/export-ssl-certificate-windows-2003/


Store the SSL certificate on machine on which Policy Server is deployed.

Eg:  D:\SSL Certificate\<SSL-CERTIFICATE-NAME>.cer



Solution:

1.Open command prompt (Start -> Run -> cmd) and naviigate to Drive/Seclore/Java/bin


2.Use below command to import the certificate


keytool -import -alias  "<ALIAS-NAME-FOR-CERTIFICATE>" -keystore  "<JRE-FOLDER>\lib\security\cacerts" -file  "<SSL-CERTIFICATE-PATH>"


Here,  

<ALIAS-NAME-FOR-CERTIFICATE> - Any logical name given to the certificate import e.g. 'ARAWebService'. 

 

<JRE-FOLDER> - Path of the JRE folder used by Tomcat on which Policy Server is running. 

 

<SSL-CERTIFICATE-PATH> - The self-signed certificate file path. Eg: D:\SSL Certificates\ARAWebService.cer

 

While executing this command it asks for the password of the keystore. 

The default password is changeit 

 


 Example :

keytool -import  -alias "ARAWebService" -keystore "D:\Seclore\Java\lib\security\cacerts" -file "D:\SSL  Certificates\ARAWebService.cer"

On successful import of the certificate a success message  is displayed.



Note

In some cases the command prompt might be required to be run as an administrator for successful import of the certificate.

 

Once  the certificate is successfully added to the keystore, you can access AD over  SSL. 


Need more help ? 

Contact Seclore Support 

 [email protected] Chat Live