This section explains how to import a certificate to the ServerView SSO authentication server.
Export the registered certificate information.
Use the following command to export the registered certificate information:
scsexppfx -n <certificate nickname> -f <export file name>
The parameters to specify in the command are shown below.
Setting item | Setting value |
|---|---|
Certificate nickname | Select the nickname that was specified when the site certificate was registered in the Interstage certificate environment as described in "3.1 Obtaining Certificates and Registering them with Certificate Authorities". Registered site certificates can be viewed at the Interstage Management Console at System >> Security >> Certificates >> Site Certificates window. |
Export file name | Specify the temporary file name used for import in Step 2. |
Import the certificate information to the authentication server.
Use the commands shown below to import the certificate information to the authentication server.
[Windows Manager]
ServerView Operations Manager V6.1 or later
<JDK6 Installation_folder>\bin\keytool.exe -importkeystore -srckeystore <export file name> -destkeystore "<ServerView Suite installation folder>\jboss\Standalone\svconf\pki\cacerts" -srcstoretype PKCS12
Earlier than ServerView Operations Manager V6.1
<JDK6 Installation_folder>\bin\keytool.exe -importkeystore -srckeystore <export file name> -destkeystore "<ServerView Suite installation folder>\jboss\server\serverview\conf\pki\cacerts" -srcstoretype PKCS12
[Linux Manager]
ServerView Operations Manager V6.1 or later
<JDK6 Installation_folder>/bin/keytool -importkeystore -srckeystore <export file name> -destkeystore /opt/fujitsu/ServerViewSuite/jboss/Standalone/svconf/pki/cacerts -srcstoretype PKCS12
Earlier than ServerView Operations Manager V6.1
<JDK6 Installation_folder>/bin/keytool -importkeystore -srckeystore <export file name> -destkeystore /opt/fujitsu/ServerViewSuite/jboss/server/serverview/conf/pki/cacerts -srcstoretype PKCS12
Delete the export file.
Delete the export file specified in Step 2.
Example
[Windows Manager]
Use screen input for the following commands:
- Certificate nickname: testCert - Export file name: c:\work\isas.p12
C:\>scsexppfx -n testCert -f c:\work\isas.p12 Password:<Interstage certificate environment password> PKCS#12 Password:<Password of the certificate being exported> <- Used by the command parameters shown below. Retype:<Password of the certificate being exported> C:\>cd C:\Program Files (x86)\Java\jre6\bin C:\Program Files (x86)\Java\jre6\bin>keytool.exe -importkeystore -srckeystore c:\work\isas.p12 -destkeystore "C:\Program Files (x86)\Fujitsu\ServerView Suite\jboss\server\serverview\conf\pki\cacerts" -srcstoretype PKCS12 Enter destination keystore password:<jboss certificate creation environment password: The default is changeit.> Enter source keystore password:<Password at time of export> <- Specify the password that was specified for the above command. del c:\work\isas.p12
[Linux Manager]
Use screen input for the following commands:
- Certificate nickname:testCert - Export file name: /tmp/isas.p12
# scsexppfx -n testCert -f /tmp/isas.p12 Password:<Interstage certificate environment password> PKCS#12 Password:<Password of the certificate being exported><- Used by the command parameters shown below. Retype:<Password of the certificate being exported> # cd /usr/java/jre1.6.0_02/bin # ./keytool -importkeystore -srckeystore /tmp/isas.p12 -destkeystore /opt/fujitsu/ServerViewSuite/jboss/server/serverview/conf/pki/cacerts -srcstoretype PKCS12 Enter destination keystore password:<jboss certificate creation environment password: The default is changeit.> Enter source keystore password:<Password at time of export> <- Specify the password that was specified for the above command. # rm /tmp/isas.p12 #
