Applies to: Seclore Policy Server, Active Directory.
Pre-requisites:
1. Deployed Policy Server.
2. SSL certificate of AD (its extension should be .cer).
Please refer to the following URL to export the SSL certificate of Active Directory.
http://www.linuxmail.info/export-ssl-certificate-windows-2003/
Store the SSL certificate on the machine on which Policy Server is deployed.
E.g.: D:\SSL Certificate\<SSL-CERTIFICATE-NAME>.cer
Solution:
1. Open a command prompt (Start -> Run -> cmd) and navigate to Drive/Seclore/Java/bin
2. Use the command below to import the certificate:
keytool -import -alias "<ALIAS-NAME-FOR-CERTIFICATE>" -keystore "<JRE-FOLDER>\lib\security\cacerts" -file "<SSL-CERTIFICATE-PATH>"
Here,
<ALIAS-NAME-FOR-CERTIFICATE> - Any logical name given to the certificate import e.g. 'ARAWebService'.
<JRE-FOLDER> - Path of the JRE folder used by Tomcat on which Policy Server is running.
<SSL-CERTIFICATE-PATH> - The self-signed certificate file path. E.g.: D:\SSL Certificates\ARAWebService.cer
While executing, this command asks for the password of the keystore.
The default password is changeit
Example:
keytool -import -alias "ARAWebService" -keystore "D:\Seclore\Java\lib\security\cacerts" -file "D:\SSL Certificates\ARAWebService.cer"
On successful import of the certificate, a success message is displayed.
Note:
In some cases, the command prompt might need to be run as an administrator for the certificate to be imported successfully.
Once the certificate is successfully added to the keystore, you can access AD over SSL.
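Because anything imported into cacerts becomes a trust anchor for every SSL connection the JRE makes, it is worth checking the exported file before importing it and confirming the entry afterwards. The PowerShell script below is an added example, not part of the original Seclore article: it compares the certificate's SHA-256 fingerprint with one obtained separately from the AD administrator, runs the same keytool import, and then lists the new entry. The paths and alias reuse the article's example values, the keytool.exe location is assumed from the Drive/Seclore/Java/bin step, and <EXPECTED-SHA256-FINGERPRINT> is a placeholder.

```powershell
# Added example: verify, import and confirm the AD certificate.
# Paths and alias are the article's example values; adjust to your install.
$keytool  = 'D:\Seclore\Java\bin\keytool.exe'            # assumed location
$keystore = 'D:\Seclore\Java\lib\security\cacerts'
$certPath = 'D:\SSL Certificates\ARAWebService.cer'
$alias    = 'ARAWebService'
# Placeholder: fingerprint received out-of-band from the AD administrator.
$expected = '<EXPECTED-SHA256-FINGERPRINT>'

# Load the .cer (DER or Base64) and hash its DER encoding with SHA-256.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $certPath
$sha  = [System.Security.Cryptography.SHA256]::Create()
$actual = [BitConverter]::ToString($sha.ComputeHash($cert.RawData)) -replace '-', ''

Write-Host "Subject : $($cert.Subject)"
Write-Host "Issuer  : $($cert.Issuer)"
Write-Host "Expires : $($cert.NotAfter)"
Write-Host "SHA-256 : $actual"

# Accept fingerprints written with colons, spaces or dashes.
$normalized = ($expected -replace '[:\s-]', '').ToUpperInvariant()
if ($actual -ne $normalized) {
    Write-Error 'Fingerprint mismatch: certificate not imported.'
    exit 1
}
if ($cert.NotAfter -lt (Get-Date)) {
    Write-Error 'Certificate has expired: certificate not imported.'
    exit 1
}

# Same import as in the article; keytool prompts for the keystore password.
& $keytool -import -alias $alias -keystore $keystore -file $certPath
if ($LASTEXITCODE -ne 0) {
    Write-Error 'keytool import failed (try an elevated prompt).'
    exit 1
}

# Confirm the entry exists; the printed fingerprint should match $actual.
& $keytool -list -v -alias $alias -keystore $keystore
```

Run it from an elevated PowerShell window if the plain import fails with an access error, as described in the note above.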