Cisco Cisco Prime Service Catalog 10.0 テクニカルリファレンス
5-24
Cisco Prime Service Catalog 10.0 Configuration Guide
OL-31034-01
Chapter 5 System Administration
Managing the Application
If the application is SSL-enabled, then the user will encounter a problem when trying to export a service
as an XML document. The connection to the application needs to authenticate to the server, and the
Service Catalog needs an SSL certificate.
as an XML document. The connection to the application needs to authenticate to the server, and the
Service Catalog needs an SSL certificate.
To enable the “export service” feature when Service Catalog is SSL-enabled:
Step 1
Export the trusted root CA certificate used by the Service Catalog web server, in Base 64 Encoding
format, into a file. The file will most likely have an “.arm” or “.cert” extension. This is a simple text file
that can be opened in any text editor.
format, into a file. The file will most likely have an “.arm” or “.cert” extension. This is a simple text file
that can be opened in any text editor.
Step 2
Find the CA certs keystore that comes with the Java installation on your application server. The CA certs
keystore for your Java installation is a file named cacerts.
keystore for your Java installation is a file named cacerts.
•
For JBoss, cacerts is located in <JAVA_HOME>\jre\lib\security.
•
For WebSphere, cacerts is located in <WAS_HOME>/java/jre/lib/security.
Step 3
Import the trusted root CA certificate of the Request Center web server into the Java’s cacerts keystore.
You can use either the Java keytool utility, or the IBM ikeyman utility if you are on a WebSphere
environment.
You can use either the Java keytool utility, or the IBM ikeyman utility if you are on a WebSphere
environment.
•
The keytool.exe program can be found in the <JAVA_HOME>/bin directory. For WebSphere, the
Java keytool.exe program is located in the <WAS_HOME>/java/jre/bin directory.
Java keytool.exe program is located in the <WAS_HOME>/java/jre/bin directory.
The following example provides the command line syntax for the Java keytool utility, which will
import the root CA certificate into cacerts:
import the root CA certificate into cacerts:
keytool.exe -import -trustcacerts -alias RC
–file <root_cert_file>
-keystore C:\jdk1.6.0_12\jre\lib\security\cacerts
where <root_cert_file> is the full pathname of the file that contains the root CA certificate of the
Service Catalog web server which you exported in step 1.
Service Catalog web server which you exported in step 1.
The keytool program will prompt you for a keystore password. For a new installation of Java, the
default keystore password for the “cacerts” file is “changeit”. Enter changeit, or another value if
you have already changed the password since you installed Java on this machine.
default keystore password for the “cacerts” file is “changeit”. Enter changeit, or another value if
you have already changed the password since you installed Java on this machine.
If the question “Trust this certificate?” appears, enter “y”.
Restart the application server instance, in order for the changes to take effect. Restart the whole
instance of JBoss, WebSphere or WebLogic in this machine, and not just an individual server or
application.
instance of JBoss, WebSphere or WebLogic in this machine, and not just an individual server or
application.
Cisco Prime Service Catalog Cached Data
Site Configuration Settings
Most site configuration settings are cached in the J2EE system for faster access. To reload any settings
that are used by the J2EE application, change any option on the Settings page of the Administration
module and click Update. This invalidates the cache and reloads the settings from that page.
that are used by the J2EE application, change any option on the Settings page of the Administration
module and click Update. This invalidates the cache and reloads the settings from that page.