Share all details related to your problem, including any error messages you may have received.
Hi,
We are trying to install the SSL certificate.But when we trying to check in tomcat nothing is found regarding SSL certificate and also we are unable to locate existing certificate.
Can you please help us as what should we do in such cases and how we install the SSL certificate?
Is your Tomcat instance(s) on Windows or Linux server(s)? Are you trying to renew the existing ssl certificate due to expiration date or first time installing it?
I believe the following article could provide more insights on it: Securing SailPoint deployed on Tomcat server - Compass . Your key file is called âserver.xmlâ in your Tomcat directory and your key word is âkeystoreFileâ (will lead you to the keystore where the ssl certificate is stored/will be stored).
Thank you for your reply. We are renewing the certification due to expiration. We have cheked the server.xml file and the details were commented out for the configurations.
Is it configured in load balancer level or network load balancer level and how can we check that. kindly please help.
are you using HTTPS to access IIQ URL? Itâs possible that those keystore entries are on tomcat executable file under JAVA_OPTiONS, have you checked there? If itsâs not even there, then please look at the tomcat guide to enable SSL. You should be able to find helpful references on compass too.
We checked that we are updating the SSL certificate in Azure in application proxy. As we are having issue with generating the .pfx certificate file from sailpoint server assuming we already have the new certificate which doesnât require the CSR. Please help us how we can generate .pfx cert file? Also, we have tried to export from certlm.msc-> personal but still the pfx option is disabled. Please help us on this on priority.
Hi Amit, can I know what is the issue with generating CSR and please elaborate on âassuming we already have the new certificate which doesnât require the CSRâ?
We didnât generate the CSR as we already have the new certificate. The issue we have is we want the certificate in .pfx format and we were unable to do it through our SailPoint server. Is there a way that we can convert this certificate into .pfx format.
You will need a third party app to generate the cert from pfx file. We used Key Store Explorer. Remeber when generating the SSL cert to name all the Domians.