Add the certificate to the list of trusted certificates

To connect to the IXIA TEXTML Server, you must provide the clients, such asIXIA CCMS Desktop, IXIA CCMS Output Generator, IXIA CCMS Scheduler, and IXIA CCMS Web, with the IXIA TEXTML Server signed certificate in the list of trusted certificates.

About this task

To add the signed certificate to the list of trusted certificates, you must run the keytool command in the JRE/JDK for each client.

Note: If you get an error message, make the pertinent changes and try again.
  • If you get an error message indicating that the certificate cannot be trusted, you need to add the root certificate for the trusted authority, since the default certificate store rarely contains the root certificates for your installation. Contact your commercial root certificate authority (CA) for more information.

  • If you receive an error message that indicates the user or password doesn't exist, it's likely your root certificate is not installed in the certificate store. Install and also make sure all intermediate certificates are installed.

Procedure

  1. On the machine where the CCMS component is installed, copy the root CA and the Intermediate Certificate (if present) to a temp folder c:\temp or /tmp.

    To execute the next step you need to be in the JRE/bin or JDK/bin folder used by each CCMS component. Each CCMS components has a configuration entry that is specific to the JRE/JDK location for that component.

    Client Sample JRE/JDK Path for Each Component
    IXIA CCMS Desktop Windows: C:\ixiasoft-ccms\cms-<instance name>\jre\bin
    Note: Do this for each <instance name>.
    • IXIA CCMS Output Generator
    • IXIA CCMS Scheduler
    Windows: %install_dir%\jdk\bin

    Linux: %install_dir%/jdk/bin

    Note: Wherever it is defined in the wrapper.conf file.
    CCMS Web Windows: c:\Ixiasoft\ccms\jdk-11\bin

    Linux: /opt/ixiasoft/ccms/jdk-11/bin

    Java Console Windows: C:\Program Files\IxiaSoft\TextmlServer44\TextmlAdminJava\jre\bin

    Linux: /opt/ixiasoft/bin/5167/textmladminjava/jre/bin

  2. Open a command prompt and go to the \jre\bin directory for the client.
  3. Run the following command:
    For the: Enter:
    • CCMS Desktop
    • IXIA CCMS Output Generator
    • CCMS Web
    • IXIA CCMS Scheduler
    • TEXTML Java Console
    Windows:
    
    keytool -importcert -keystore ..\lib\security\cacerts -storepass changeit -file c:\temp\textml_root_cert.pem -alias company_root_ca
    
    keytool -importcert -keystore ..\lib\security\cacerts -storepass changeit -file c:\temp\textml_intermediate_cert.pem -alias company_intermediate_ca
    								
    Linux:
    
    keytool -importcert -keystore ..\lib\security\cacerts -storepass changeit -file /tmp/textml_root_cert.pem -alias company_root_ca
    
    keytool -importcert -keystore ..\lib\security\cacerts -storepass changeit -file /tmp/textml_intermediate_cert.pem -alias company_intermediate_ca
    								
    Information about the certificate results, along with the following prompt:
    Trust this certificate? [no]:
  4. Enter yes.
    The certificate is added to the keystore.
  5. Repeat this procedure for every client that connects to the IXIA TEXTML Server.