Enabling SSL using .PFX certificate in OpManager version 12

Steps to enable SSL using .Pfx certificate

1. First you need to convert the .pfx type to .truststore type. Place your .pfx certificate in \OpManager\jre\bin\ folder. To do that, open a command prompt as an Administrator and go to \OpManager\jre\bin directory.

2. Run this below command with the correct .pfx file.

keytool.exe -importkeystore -srckeystore mykeystore.pfx -destkeystore OpManager.truststore -srcstoretype pkcs12 -deststoretype JKS

It will ask you for a password, please use the pfx password as the truststore password for both destination and source.

3. OpManager.truststore file will be generated under \OpManager\jre\bin folder after running the above command, copy this truststore file, and place it under \OpManager\conf folder.

4. Now edit ssl_server.xml from \opmanager\server_xml_bkp\ folder, and set the values for below attributes.

Search the term "connector port" and replace the values for the attributes highlighted in red.

port="give your port number" address="0.0.0.0" keystoreFile="./conf/OpManager.truststore" keystorePass="provide the pfx password"

Save the file, copy this "ssl_server.xml" file, rename this as server.xml and replace it with the current (server.xml)one under \OpManager\conf\ folder

5. Edit the OpManagerStartUp.properties file under \OpManager\conf\OpManager folder. Set the value of the parameter "https" as "Enable" and save it.

6. Start OpManager service and check.