Import the Trusted Certificate from WebCenter Content Server to Content and Experience Cloud
Since SSL is enabled on UCM, import the trusted certificate of the UCM server to Content and Experience Cloud, for the successful handshake between it and UCM.
Take the following steps to import the trusted certificate;
-
Access the UCM server in a Firefox browser. Click the warning icon before the address bar.
-
Click the right arrow.
-
Click More Information.
-
Click on View Certificate.
-
Click the Details tab.
Description of the illustration details_tab.png -
Click the Export button.
Description of the illustration export-button.png -
Download the certificate to a Windows machine.
Description of the illustration download_certificate.png -
To import the certificates into the Content and Experience server's castore, follow these steps:
Description of the illustration import_certificates.png-
In a Putty terminal, SSH to the VM1. Then copy the certificate previously downloaded on the Windows machine to this VM1.
-
Import the certificate using the following command:
keytool -import-trustcacerts -alias adcucmpod -keystore /u01/jdk/jre/lib/security/cacerts -storepass <password> -file /u01/app/oracle/tools/home/oracle/DemoCertFor_oce_domain.crt This command imports the UCM certificate to CEC truststore. Following are the parameters used in thiscommandkeytool - This is a java command used forimporting the certificates to keystores. Also before running thiscommand, check ifkeytool command works fine in the terminal. Type keytool, it will show options available, this means that you can run the keytool command. If it does not give options, then set the JAVA_HOME correctly, keytool will start working import- This command is used when we importthe certificates trustcacerts - This argument tells keytool that you want to importthisas a trusted certificate. alias - This is unique name. The certificates will be mapped to thisalias name. Here we have given the name as adcucompod, we gave any meaningful name as alias name keystore - In thiscontext, the Java Standard Trust Keystore location noted down in the earlier step from console has to be given ie /u01/jdk/jre/lib/security/cacerts storepass - We have to give the password of keystore. In our casewe have to give the password of cacerts which is <password>. file - The location where the certificate had been copied from the Windows machine. In this case the certificate was copied to following location on the VM /u01/app/oracle/tools/home/oracle/DemoCertFor_oce_domain.crt
-
When you run this command, you will be asked if this certificate can be trusted. Type Yes.
-
Repeat the same steps for VM2 as well. First get the location of the
cacerts
from the console, then copy the certificate to VM2, and then import the certificate to the cacerts truststore. -
Restart all the servers.