- How to add AD certificates to VAs, what are step?
- How to enable TLS connection from VA to IQ service?
- How configure the IQ service accordingly on the source?
Some body help on this.
Hi @shaffusailpoint,
If you want to understand what ever your queries is please go through this document it may be helpful for you.
Thank you!
this document is not in layman terms, is there any steps so that a normal person like me can understand
for example in a link " The va-config-<va_id>.yaml"
what is this va_id I did not understand in document no where mentioned how to get that
Hi @shaffusailpoint
Good Day!
Kindly follow below steps for importing the certificate from target system such as AD and IQService.
- Please input the below command to check whether target system has TLS certificate installed or not.
openssl s_client -connect ip/fqdn of machine:TLS port
for example openssl s_client -connect 192.54.35.32:636 - Check the certificate details in command the command response.
- After validation copy the certificate from begin certificate to end certificate
- Save the certificate in .cer format.
- Open winSCP(Paste the certificate in /home/sailpoint/certificates directory) or directly create the file in VA and paste the copied certificate. Also change the format of certificate from .cer to .pem.
- After placing certificate in the above mentioned directory restart the ccg by using below command.
sudo systemctl restart ccg - Test the connection for your source.
Hope the above information will help you.
Thank you!
3 Likes
Thanks a lot Suraj! will check on this
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.