SecurID^® Discussions

ChrisPolitis · ‎2018-12-04

How can I export WebTier SSL Key from webtier server/s?

_EricaChalfin · ‎2018-12-04

I've moved your question to the RSA SecurID Access" data-type="space space where it will be seen by the product's support engineers, other customers and partners. Please bookmark this page and use it when you have product-specific questions.

Alternatively, from the RSA Customer Support" data-type="space‌ page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question. From there, scroll to RSA SecurID Access" data-type="space and click Ask A Question. That way your question will appear in the correct space.

Regards,

Erica

EdwardDavis · ‎2018-12-05

Here is one easy way

----

1) On command line of Primary AM server (not the web tier itself)

./rsautil manage-secrets -a listall

to get the passwords needed to manipulate the keystore

and make note of two passwords:

a) SSL Server Identity Certificate Keystore File Password

b) SSL Server Identity Certificate Private Key Password

2) Get a copy of /opt/rsa/am/server/security/vh-inactive.jks off the machine.

3) Open that jks file with (I use Keystore Explorer 5.x) and use password (a) to open it

From here you can do what you want with the virtualhost-id-key,

use password (b) to manage the private key or change the format, or do exports.

SecurID^® Discussions

Export copy of webtier ssl key

RSA Authentication Manager

SecurID® Discussions

Export copy of webtier ssl key

RSA Authentication Manager

SecurID^® Discussions