HI All, I have a 8.1 ARS installed on Win server 2008 R2 box and in need to configure AREA authentication via SSL.
Simple Binding without SSL works fine, however i cant test the authentication from Remedy as the AD has a policy set such that we can only authenticate via SSL. Scenario is: Customer has an Enterprise CA server and there is not certificate DB on the windows box. So, following actions have been taken: 1. Followed the documentation on BMC site and installed mozilla build, NSS and then built the certificate database on the server hosting the ARS 8.1 2. We need to add certificate to the cert8.db. This is where we have issues. coz, the AD Admin created a certificate request file using native windows certutil tool and then requested the enterprise CA for a certificate and then installed the certificate. When i try to import the certificate to the certificate database using the NSS certutil tool, the certificate gets added. however, when i try to authenticate via AREA, i see an error in javaplugin.log as "Invalid Keystre format" I have never configured AREA over SSL and a novice to the certificates stuff. So, please help me understand following facts so that i can continue on the right path: 1. When the certificate request file is generated, the CN=<> should have the AD Server name or the hostname of the server that hosts ARS 8.1 2. as i understand even the nss based certutil also can create a certificate request file, should i create a certificate request file from this or does the creation of request file from native windows certutil also work? I have opened a case with BMC as well, however any help is also appreciated as i am in a tight spot currently -- - Karthik _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
