Setting up SSL on Control-M/Agent

This procedure describes how to set up SSL on Control-M/Agent for Application Integrator.

NOTE: Relevant when upgrading Control-M Application Integrator versions 9.18.100 and below.

To set up SSL on Control-M/Agent:

  1. Import the new SSL certificate from CA to the keystore:

    $JAVA_HOME/bin/keytool -import -alias <alias_name> -keystore <Agent_instance>/cm/AP/data/security/apcerts -storepass appass -file <path/to/the/ssl_cert.cer>

    NOTE: appass is the default password and can be changed.

  2. (Optional) Confirm the keystore content by typing the following command:

    $JAVA_HOME/bin/keytool -list -v -keystore <Agent_instance>/cm/AP/data/security/apcerts > output_filename

  3. When upgrading from a previous Application Integrator version, you need to import the old keystore to the new one:

    $JAVA_HOME\JRE\bin\keytool.exe -importkeystore -srckeystore <previous_keystore> -srcstorepass <previous_keystore_password> -destkeystore apcerts -deststorepass appass

  4. Restart the Tomcat server for the action to take effect.

Parent Topic

Application Integrator configuration