Importing the Server Root Certificate (Java)

When RSA Authentication Manager is installed, the system creates a self-signed root certificate and stores it in the RSA_AM_HOME/server/security/server_name.jks directory. This certificate must be exported from the server, and imported into the keystore for remote API clients. Use the Java keytool, as described in the following sections to export and import the certificate into Java clients.

To export the server root certificate:

Change directories to RSA_AM_HOME/appserver/ and enter the following:

jdk/jre/bin/keytool -export -keystore RSA_AM_HOME/server/security/server_name.jks -file am_root.cer -alias rsa_am_ca

Where:

RSA_AM_HOME directory is a generic placeholder for /opt/rsa/am path
- server_name.jks is a placeholder for caStore.jks keystore

At the prompt for keystore_password, press Enter without the password.

Note
Ignore the warning message that appears as the server root certificate will still be exported.

To import the server root certificate (Java):

Locate the server root certificate file that you exported from Authentication Manager. Copy it to the VA location.

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Importing the Server Root Certificate (Java)

To export the server root certificate:

To import the server root certificate (Java):

Documentation Feedback