How to enable TLS connection from VA to IQ service. what is TLS enabled port number?

shaffusailpoint · February 28, 2025, 11:18am

sidharth_tarlapally · February 28, 2025, 12:07pm

Hello @shaffusailpoint !

636 is the port .
Root CA Certificate need to be exchanged .

Please refer the following docs :

shaffusailpoint · February 28, 2025, 12:49pm

Thank you! root CA means putting certificate in certificate folder of VA?

suresh4iam · February 28, 2025, 3:17pm

You need to get the cert from infra team and import it into IQServices server(s) and also add the certificate in the VA (/home/sailpoint/certificates), restart the CCG service in VA.
Refer the link which explains the detailed steps.

sidharth_tarlapally · March 4, 2025, 9:49am

Yes. You are right . We need ti get certificate from application team as metioned by @suresh4iam and add them in Cert folder.

simplymanish · April 28, 2025, 5:35am

Just to confirm whether it should be self signed or CA signed is mandatory.

suresh4iam · April 28, 2025, 12:39pm

The certificates to be installed in both “Personal” and “Trusted CA” folders if they’re self-signed. You can get more details here.