APPLIES TO:
Siebel CRM - Version 17.0 [IP2017] to 17.0 [IP2017] [Release V17]
Information in this document applies to any platform.
PURPOSE
This document describes how to quickly create and configure a Secure Sockets Layer (SSL) certificate and certificate authority for use with Siebel Innovation Pack 17. It is recommended that you use your company’s keystore and truststore during installation. However, if a keystore and truststore are unavailable to you, this document describes how to create a self-signed certificate for a quick installation.
DETAILS
It is recommended that you use this document together with the steps described on the following site: https://sites.google.com/site/ddmwsst/create-your-own-certificate-and-ca
Before you begin.
You must have installed and configured OpenSSL and Java. This allows you to use OpenSSL and Java Keytool directly from the command line.
Creating and configuring a SSL certificate and certificate authority for Siebel Innovation Pack 17 is determined by certain components as follows:
• Web Browser
• Application Interface
• Certificate Authority
• Gateway
Command usage:
keytool -genkey -alias siebel -keystore c:\keys\siebelkeystore.jks -keyalg RSA
-sigalg SHA1withRSA -dname "cn=ip17demohost.demo.cp.com"
Is not working for them since the keystore file just coded for single host name where the authentication will be accepted from this host : cn=ip17demohost.demo.cp.com
To generate the certificate in multi tier installation in the same domain is to use the command :
keytool -genkey -alias siebel -keystore c:\keys\siebelkeystore.jks -keyalg RSA
-sigalg SHA1withRSA -dname "cn=*.demo.cp.com"
By giving "cn=*.demo.cp.com" it will accept the connection for all incoming request from Domain :demo.cp.com.
Siebel CRM - Version 17.0 [IP2017] to 17.0 [IP2017] [Release V17]
Information in this document applies to any platform.
PURPOSE
This document describes how to quickly create and configure a Secure Sockets Layer (SSL) certificate and certificate authority for use with Siebel Innovation Pack 17. It is recommended that you use your company’s keystore and truststore during installation. However, if a keystore and truststore are unavailable to you, this document describes how to create a self-signed certificate for a quick installation.
DETAILS
It is recommended that you use this document together with the steps described on the following site: https://sites.google.com/site/ddmwsst/create-your-own-certificate-and-ca
Before you begin.
You must have installed and configured OpenSSL and Java. This allows you to use OpenSSL and Java Keytool directly from the command line.
Creating and configuring a SSL certificate and certificate authority for Siebel Innovation Pack 17 is determined by certain components as follows:
• Web Browser
• Application Interface
• Certificate Authority
• Gateway
Command usage:
keytool -genkey -alias siebel -keystore c:\keys\siebelkeystore.jks -keyalg RSA
-sigalg SHA1withRSA -dname "cn=ip17demohost.demo.cp.com"
Is not working for them since the keystore file just coded for single host name where the authentication will be accepted from this host : cn=ip17demohost.demo.cp.com
To generate the certificate in multi tier installation in the same domain is to use the command :
keytool -genkey -alias siebel -keystore c:\keys\siebelkeystore.jks -keyalg RSA
-sigalg SHA1withRSA -dname "cn=*.demo.cp.com"
By giving "cn=*.demo.cp.com" it will accept the connection for all incoming request from Domain :demo.cp.com.
Hello Vetri,
ReplyDeleteI am having issue while configuring Admin Interface Console with host:httpsPort.
I mentioned certificate CN as *Domain
Alert
Invalid Gateway Host Name and/or HTTPS Port.
Thanks
Gaurav
Share the configuration logfiles and the steps you followed.
DeleteHi,
ReplyDeleteI have followed above SSL certificate creation doc however with https unable to login in Apache as well as SMC.
http Apache page gets launched.
Please suggest