...
Then the CA certificate needs to be transferred to the Ubisecure SSO server and added to the trusted certificates in the Java Runtime Environment. Note that Ubisecure SSO Server includes its own Java implementation and that is where the certificate needs to be added.
In Windows the Java certificate storage that Ubisecure SSO Server uses is by default in the following file:
...
The Active Directory certificate can be added to the Java certificate store using the keytool command. Here are example commands for Windows and Linux installations assuming keytool is in the path:
| Code Block | ||||
|---|---|---|---|---|
| ||||
cd /d "C:\Program Files\Ubisecure\ubilogin-sso\" setenv.cmd cd %JAVA_HOME%\lib\security keytool -importcert -keystore cacerts -trustcacerts -alias mytrustedca -file <insert filename here> -storepass changeit |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
cd /usr/local/ubisecure/ubilogin-sso/ . /setenv.sh cd $JAVA_HOME/lib/security keytool -importcert -keystore cacerts -trustcacerts -alias mytrustedca -file <insert filename here> -storepass changeit |
...