./keytool -export -keystore /opt/rsa/am/server/security/trust.jks -file am_root.cer -alias rsa-am-ca
Alias rsa-am-ca
Enter keystore password: <Enter>
****************** WARNING WARNING WARNING ******************
* The integrity of the information stored in your keystore *
* has not been verified! in order to verify its integrity, *
* you must provide your keystore password. *
****************** WARNING WARNING WARNING ******************
Certificate stored in file <am_root.cer>
cd /opt/rsa/appserver/jdk/jre/bin
ls -ltr
total 2636
-rwxr--r-- 1 rsaadmin rsaadmin 186333 Sep 11 2013 unpack200
-rwxr--r-- 1 rsaadmin rsaadmin 272145 Sep 20 2013 tnameserv
-rwxr--r-- 1 rsaadmin rsaadmin 272191 Sep 20 2013 servertool
-rwxr--r-- 1 rsaadmin rsaadmin 272191 Sep 20 2013 rmiregistry
-rwxr--r-- 1 rsaadmin rsaadmin 272191 Sep 20 2013 rmid
-rwxr--r-- 1 rsaadmin rsaadmin 272191 Sep 20 2013 policytool
-rwxr--r-- 1 rsaadmin rsaadmin 272191 Sep 20 2013 pack200
-rwxr--r-- 1 rsaadmin rsaadmin 272081 Sep 20 2013 orbd
-rwxr--r-- 1 rsaadmin rsaadmin 272191 Sep 20 2013 keytool
-rwxr--r-- 1 rsaadmin rsaadmin 270119 Sep 20 2013 java
-rw-r--r-- 1 root root 922 Jul 27 12:50 am_root.cer
cd <JDK> or <JRE>\bin
keytool -import -keystore "C:\am_sdk\ssl\trust.jks" -storepass changeit -file "C:\am_sdk\ssl\am_root.cer" -alias rsa_am_ca –trustcacerts
Owner: SERIALNUMBER=05465834828b8489f116a70d4fdbedd21bf4907b388274773ee2cd4f2a62f6e8, CN=marge.csau.ap.rsa.net
Issuer: SERIALNUMBER=404fac110b5bf2748c37b18e1429487ba98c863b561f89ac8b50ea7140c1f5cc, CN=RSA root CA for marc.csau.ap.rsa.net
Serial number: 3b38b92d61f2b7857e884b32c9245ac1
Valid from: Wed Oct 05 06:34:48 CST 2016 until: Mon Oct 05 05:34:48 2036
Certificate fingerprints:
MD5: 78:EA:0F:55:1B:2C:EE:01:93:32:5D:B7:4E:A4:3E:B4
SHA1: 48:BC:2D:C4:8A:82:5A:9C:94:80:F0:CF:94:9D:9C:8B:FE:C3:A7:9A
SHA256: 06:B2:5A:63:A3:D9:39:3B:CB:18:25:E7:35:CA:51:0C:C0:4F:98:35:1C:
2F:71:18:B5:34:AA:17:37:50:EA:9F
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectID: 2.5.29.19 Criticality=true
BasicContraints:[
CA:false
PathLen: undefined
]
Trust this certificate? [no] yes
Certificate was added to keystore
./rsautil manage-secrets --action list
Please enter OC Administrator username: <enter the name of an Operations Console administrator>
Please enter OC Administrator password: <enter the password for the Operations Console administrator>
Secrets stored in ./etc/systemfields.properties.
Command API Client User ID ............................: CmdClient_06q3iicq
Command API Client User Password ......................: V5KNLLjnJD81NyRfzi7L71xKV0towQ
SSL Server Identity Certificate Private Key Password ..: bOyxnV032yVRMQWnFftb4fNG7xq9VP
SSL Server Identity Certificate Keystore File Password : UVPAsZhN4eWyh1pb3RSAY3MgIUtZNL
Root Certificate Private Key Password .................: djLvIilLRqDNZfwgkVc9ZgTLBQrAX6
Root Certificate Keystore File Password ...............: Ttw14wO6zVzCatRLrYHDS9nkPKfYnl
The "listkeys" action displays the key names to use when setting the values.
# Server URL. NOTE: Replace local1 with the hostname of the managed server
java.naming.provider.url = t3s://marge.csau.ap.rsa.net:7002
# User ID for process-level authentication.
com.rsa.cmdclient.user = CmdClient_06q3iicq
# Password for process-level authentication
com.rsa.cmdclient.user.password = V5KNLLjnJD81NyRfzi7L71xKV0towQ
# SOAPCommandTargetBasicAuth provider URL
ims.soap.client.provider.url = https://marge.csau.ap.rsa.net:7002/ims-ws/services/CommandServer
[Program Arguments]
list-users superadmin P@55w0rd
[VM Arguments]
-Dweblogic.security.SSL.trustedCAKeyStore="C:\am_sdk\ssl\trust.jks"
-Dbea.home="<SDK>\lib\java"
-Dsun.lang.ClassLoader.allowArraySyntax=true