6.1.2 Authenticate User Access to Investigation Tab in ECM

This section tells how to authenticate users to access the Investigation tab in ECM.

Note:

The user needs a self-signed certificate to authenticate the user for accessing Investigation Tab in ECM.

If the user is not using the self-signed certificate, follow these steps:

1. Copy the following files from <COMPLIANCE_STUDIO_INSTALLATION_PATH>/deployed/mmg-home/mmg-studio/conf to the server where ECM is installed.
   • studio_server.p12
   • studio_server.jks

   Note:

   Make sure that the "studio_server.p12" and "studio_server.jks" certificates are compatible with Java 8. This is applicable only if the Compliance Studio server is in JDK 11 and the ECM application server is in Java 8. If there is a difference in Java versions, then both the files "studio_server.p12" and "studio_server.jks" must be recreated in Compliance Studio server and replaced in all necessary locations. For more information about these certificates, see Generate Self-signed Certificate section in the OFS Compliance Studio Installation Guide.
2. Run the following command to create certificate files.

   openssl pkcs12 -in studio_server.p12 -nokeys -out server_cert.pem
   openssl pkcs12 -in studio_server.p12 -nodes -nocerts -out server_key.pem
   keytool -certreq -keystore studio_server.jks -alias studio_server -
   keyalg RSA -file client.csr
   openssl x509 -req -CA server_cert.pem -CAkey server_key.pem -in
   client.csr -out client_certificate.pem -days 365 –CAcreateserial

3. Modify the path and run the following command.

   keytool -import -file "/<ECM Installation Path>/client_certificate.pem"
   -alias studio_server -keystore "<JDK Installed Directory>/lib/security/
   cacerts" -storepass "changeit"

   For example:

   keytool -import -file "Testserver/client_certificate.pem" -alias
   studio_server -keystore "jdk-11.0.10/lib/security/cacerts" -storepass
   "changeit"