These instructions where for our Business Objects environment but it might help
· Run MMC · Add Snap-in · Select Certificates o For a Computer accounts o For Local computer · Create a new certificate · Fill out needed fields · <We need to have a separate team approves it and sends me the CER file> · From the MMC console · Import the CER, in personal · Export the Certificate as a private key (.PFX) · Update Tomcat\conf\server.xml (the red sections) o <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystorePass="<Password>" keystoreFile=" <certificate>.pfx" keystoreType=”PKCS12” /> · Restart Tomcat Christie Pargeter | Sr Technical Analyst | tel 503-415-5149 From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Sanford, Claire Sent: Tuesday, May 03, 2016 2:54 PM To: arslist@ARSLIST.ORG Subject: Re: SSL Certificate Errors - Remedy ARS 7.6.04 Mid-Tier ** Tomcat From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Pargeter, Christie M :LSO IS Sent: Tuesday, May 03, 2016 4:39 PM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: [EXTERNAL] Re: SSL Certificate Errors - Remedy ARS 7.6.04 Mid-Tier ** IIS or Tomcat? Christie Pargeter | Sr Technical Analyst | tel 503-415-5149 From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Sanford, Claire Sent: Tuesday, May 03, 2016 1:50 PM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: SSL Certificate Errors - Remedy ARS 7.6.04 Mid-Tier ** Below is what the problem we are experiencing is: A Certificate Revocation List (CRL) was updated and published. It was built using SHA2 algorithm. Remedy started returning errors that the Certificate had been revoked, which it had not. A hypothesis was built that suggested the existing SHA1 certificate on the RemedyMid server was in conflict with the CRL. We attempted to replace the existing certificate (SHA1) with a SHA2 certificate and has failed. We tried replacing the cert with a new SHA1 certificate and are still having issues. The current behavior is what appears to be a “Self Signed” Cert is being generated that has a 3 month expiration. I have a ticket open with BMC. Has anyone experienced this and do you have any idea how to fix it? ITSM 7.6.04 SP3 ARS 7.6.04 SP3 Oracle 11.2.0.3.0 - 64bit Production Win 2008 Server Claire Sanford Information Systems Division Memorial Hermann Healthcare System claire.sanf...@memorialhermann.org<mailto:claire.sanf...@memorialhermann.org> _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"