Importing a CA Certificate for SSL Connections
To authenticate SSL connections using a CA certificate, import the certificate and instruct FME Server to add it to the list of trusted certificates.
- Make a backup of the current list of trusted Certificate Authorities:
- Obtain your RootCA certificate as a .cer file:
- Add the certificate to the list of trusted ones:
- Linux:
- Windows:
- <rootca-alias> is the custom alias for the certificate.
- <cer-file> is the path to the .cer file downloaded in step 2.
- Restart FME Server.
<FMEServerDir>/Utilities/jre/lib/security/cacerts
http://<domain-controller>/certsrv/certcarc.asp > 'install this CA certificate'
Or, contact your domain administrator
Open the command terminal and issue the following commands:
cd <FMEServerDir>/Utilities/jre
./bin/keytool -import -trustcacerts -alias <rootca-alias> -file <cer-file> -keystore ./lib/security/cacerts
Launch cmd.exe and issue the following commands:
cd <FMEServerDir>\Utilities\jre
bin\keytool -import -trustcacerts -alias <rootca-alias> -file <cer-file> -keystore
lib\security\cacerts
When prompted for keystore password, default is changeit.
When prompted to trust certificate, answer yes.
Where: