mleung8 Absent Member.
Absent Member.
678 views

Missing OSP.JKS

The OSP.JKS didn't created during the Identity Application 4.7 installation and config. Is there any TID or documentation showing how-to recreate the missing certificate? Thanks.

Regards

Michael
Labels (1)
0 Likes
4 Replies
Knowledge Partner
Knowledge Partner

Re: Missing OSP.JKS

On 4/30/2018 6:14 PM, mleung8 wrote:
>
> The OSP.JKS didn't created during the Identity Application 4.7
> installation and config. Is there any TID or documentation showing
> how-to recreate the missing certificate? Thanks.


You can make one with Keytool. It is in every JRE.

You need a private key for OSP to use, the public key of the Tomcat
cert, and the public key of the Tree CA in there. (NAM's side of the
SAML Metadata as well often helps).

This series I wrote may be helpful to you

https://www.netiq.com/communities/cool-solutions/configuring-idm-4-5s-osp-talk-shibboleth-idp
https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-idm-4-5
https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-idm-4-5-part-2
https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-sspr-part-3



0 Likes
Knowledge Partner
Knowledge Partner

Re: Missing OSP.JKS

On 5/1/2018 7:53 AM, Geoffrey Carman wrote:
> On 4/30/2018 6:14 PM, mleung8 wrote:
>>
>> The OSP.JKS didn't created during the Identity Application 4.7
>> installation and config. Is there any TID or documentation showing
>> how-to recreate the missing certificate?  Thanks.

>
> You can make one with Keytool.  It is in every JRE.
>
> You need a private key for OSP to use, the public key of the Tomcat
> cert, and the public key of the Tree CA in there.  (NAM's side of the
> SAML Metadata as well often helps).
>
> This series I wrote may be helpful to you
>
> https://www.netiq.com/communities/cool-solutions/configuring-idm-4-5s-osp-talk-shibboleth-idp
>
> https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-idm-4-5
>
> https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-idm-4-5-part-2
>
> https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-sspr-part-3


Really what OSP needs is a private key, to use in its metadata for SAML.
And to trust the public key of the other SAML partner (NAM) and of the
Identity Apps web server (Tomcat).


0 Likes
mleung8 Absent Member.
Absent Member.

Re: Missing OSP.JKS

Thanks Geoffc,

I followed your series to create the missing osp.jks certificate. User Application 4.7 working good now thanks again.

Michael
0 Likes
Knowledge Partner
Knowledge Partner

Re: Missing OSP.JKS

On 5/3/2018 10:54 AM, mleung8 wrote:
>
> Thanks Geoffc,
>
> I followed your series to create the missing osp.jks certificate. User
> Application 4.7 working good now thanks again.


Glad to help, send fish!

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.