Follow

DSE Certificates Setup for Web Services Access

This document details the steps to install proper SSL certifications required for DSE to access Web Services.

I. Download the attached Java security files

  1. Download two files, “local_policy.jar” and “US_export_policy.jar”
  2. Place (Replace if necessary) the jar files in the following location “C:\Program Files\Java\jdk1.7.0_25\jre\lib\security”

** IMP NOTE: Above mentioned .jar files work for JDK version 1.7 and above.

Note: C:\Program Files\Java\jdk1.7.0_25 is the JAVA_HOME location used for DSE.

II. Download the attached Certificate files

  1. For Pre-Production download certificate titled Pre_ProdEpa.gov.crt.
  2. For Production download certificate titled ProdEpa.gov.crt”.
  3. The following command has to be executed from the folder where the certificates are saved.

a. Open command prompt (In administrator mode) and navigate to the folder where the certificate is saved.

b. Run the following command for Pre-Production.

keytool.exe -import -alias Pre_ProdEpa_gov -file Pre_ProdEpa.gov.crt -keystore "{JAVA_HOME PATH}jre\lib\security\cacerts"

c. Run the following command for Production.

keytool.exe -import -alias ProdEpa_gov -file ProdEpa.gov.crt -keystore "{JAVA_HOME PATH}jre\lib\security\cacerts”

Note: Replace “JAVA_HOME PATH” with path that JAVA_HOME is pointing to.

III. Add the following line at the end of the setenv.bat file from (https://cmdp.zendesk.com)

  1. Set JAVA_OPTS=-Dhttps.protocols=TLSv1.1,TLSv1.2
  2. If tomcat is run as a service, open tomcat properties, navigate to Java tab and in “Java_Options” section enter the following line at the end.

a. -Dhttps.protocols=TLSv1.1,TLSv1.2

IV. Download and replace dseWebAdmin.war file from CMDP HELP Desk (https://cmdp.zendesk.com)

V. Restart Tomcat.

-------------------

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.