This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
mleung8
Absent Member.
Absent Member.
‎2018-04-30 23:07
814 views

Missing OSP.JKS

The OSP.JKS didn't created during the Identity Application 4.7 installation and config. Is there any TID or documentation showing how-to recreate the missing certificate? Thanks.

Regards

Michael
Labels (1)
Labels
0 Likes
Reply
Report Inappropriate Content
4 Replies
geoffc
Knowledge Partner Knowledge Partner
Knowledge Partner
‎2018-05-01 12:53

On 4/30/2018 6:14 PM, mleung8 wrote:
>
> The OSP.JKS didn't created during the Identity Application 4.7
> installation and config. Is there any TID or documentation showing
> how-to recreate the missing certificate? Thanks.

You can make one with Keytool. It is in every JRE.

You need a private key for OSP to use, the public key of the Tomcat
cert, and the public key of the Tree CA in there. (NAM's side of the
SAML Metadata as well often helps).

This series I wrote may be helpful to you

https://www.netiq.com/communities/cool-solutions/configuring-idm-4-5s-osp-talk-shibboleth-idp
https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-idm-4-5
https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-idm-4-5-part-2
https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-sspr-part-3



0 Likes
Reply
Report Inappropriate Content
geoffc
Knowledge Partner Knowledge Partner
Knowledge Partner
‎2018-05-01 14:23

On 5/1/2018 7:53 AM, Geoffrey Carman wrote:
> On 4/30/2018 6:14 PM, mleung8 wrote:
>>
>> The OSP.JKS didn't created during the Identity Application 4.7
>> installation and config. Is there any TID or documentation showing
>> how-to recreate the missing certificate?  Thanks.
>
> You can make one with Keytool.  It is in every JRE.
>
> You need a private key for OSP to use, the public key of the Tomcat
> cert, and the public key of the Tree CA in there.  (NAM's side of the
> SAML Metadata as well often helps).
>
> This series I wrote may be helpful to you
>
> https://www.netiq.com/communities/cool-solutions/configuring-idm-4-5s-osp-talk-shibboleth-idp
>
> https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-idm-4-5
>
> https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-idm-4-5-part-2
>
> https://www.netiq.com/communities/cool-solutions/troubleshooting-osp-sspr-part-3

Really what OSP needs is a private key, to use in its metadata for SAML.
And to trust the public key of the other SAML partner (NAM) and of the
Identity Apps web server (Tomcat).


0 Likes
Reply
Report Inappropriate Content
mleung8
Absent Member.
Absent Member.
‎2018-05-03 15:46

Thanks Geoffc,

I followed your series to create the missing osp.jks certificate. User Application 4.7 working good now thanks again.

Michael
0 Likes
Reply
Report Inappropriate Content
geoffc
Knowledge Partner Knowledge Partner
Knowledge Partner
‎2018-05-03 16:18

On 5/3/2018 10:54 AM, mleung8 wrote:
>
> Thanks Geoffc,
>
> I followed your series to create the missing osp.jks certificate. User
> Application 4.7 working good now thanks again.

Glad to help, send fish!

0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.