Step 2 (conditional): Export the SSL certificate

If you are securing communication between HCP and AD, you need to export the SSL root certificate of the CA that you created in Create the SSL certificate so that you can upload it to HCP. For instructions on uploading the certificate to HCP, see Configure support for AD in HCP.

If you did not create an SSL certificate, skip this step.

To export the SSL certificate:

1.On the Windows server running the AD certificate authority, click on the Start button.

2.In the Search programs and files field, enter: cmd

A Windows command prompt window opens.

3.Change to the directory to which you want to write the file containing the exported certificate.

4.Enter this command to export the certificate:

certutil -ca.cert cert-name.cer

In this command, cert-name is the name (minus the .cer extension) of the file that will contain the exported certificate.

If the export is successful, the window displays the contents of the certificate followed by this message:

CertUtil: -ca.cert command complete successfully.

If you don’t see this message, check that the your applicable AD domain has a domain controller that is configured with the certificate authority role and that you ran this command on the domain controller that has the CA role installed. After verifying, try the procedure again, starting from step 9 in Create the SSL certificate.

5.Copy the file containing the exported certificate to the Windows client from which you plan to access the HCP System Management Console.

Trademark and LegalDisclaimer

© 2016 Hitachi Data Systems Corporation. All rights reserved.