Applies to: Seclore Policy Server, Active Directory.
1.Deployed Policy Server.
2.SSL Certificate of AD (It's extension should be .cer).
Please refer to the following URL to export the SSL certificate of Active Directory.
Store the SSL certificate on machine on which Policy Server is deployed.
Eg: D:\SSL Certificate\<SSL-CERTIFICATE-NAME>.cer
1.Open command prompt (Start -> Run -> cmd) and naviigate to Drive/Seclore/Java/bin
2.Use below command to import the certificate
keytool -import -alias "<ALIAS-NAME-FOR-CERTIFICATE>" -keystore "<JRE-FOLDER>\lib\security\cacerts" -file "<SSL-CERTIFICATE-PATH>"
<ALIAS-NAME-FOR-CERTIFICATE> - Any logical name given to the certificate import e.g. 'ARAWebService'.
<JRE-FOLDER> - Path of the JRE folder used by Tomcat on which Policy Server is running.
<SSL-CERTIFICATE-PATH> - The self-signed certificate file path. Eg: D:\SSL Certificates\ARAWebService.cer
While executing this command it asks for the password of the keystore.
The default password is changeit
keytool -import -alias "ARAWebService" -keystore "D:\Seclore\Java\lib\security\cacerts" -file "D:\SSL Certificates\ARAWebService.cer"
On successful import of the certificate a success message is displayed.
In some cases the command prompt might be required to be run as an administrator for successful import of the certificate.
Once the certificate is successfully added to the keystore, you can access AD over SSL.
Need more help ?
Contact Seclore Support