How to Enable
HTTPS on PowerCenter Admin Console
11. Generate a keystore file.
Provide valid values for CN, OU, O, L, S, C when prompted. The
value for CN is the host name of the server where PowerCenter is installed. It
can be a fully qualified name or just the host name depending on how you access
the Administration Console.
[infadev@infadev
9.6.1]$ cd /sbx/informatica/9.6.1/java/jre/bin
[infadev@infadev
bin]$ keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -validity 1000
-keystore tomcat.keystore
Enter
keystore password:
Re-enter
new password:
What
is your first and last name?
[Unknown]:
Infa
What
is the name of your organizational unit?
[Unknown]:
Infa
What
is the name of your organization?
[Unknown]:
Infa
What
is the name of your City or Locality?
[Unknown]:
Infa
What
is the name of your State or Province?
[Unknown]:
CA
What
is the two-letter country code for this unit?
[Unknown]:
US
Is
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US correct?
[no]:
Y
Enter
key password for
(RETURN if same as keystore password):
Re-enter
new password:
[infadev@infadev
bin]$
[infadev@infadev
bin]$ ls -ltr tomcat*
-rw-rw-r–
1 infadev uxa_info_sbx_adm_l 2201 Oct 23 16:39 tomcat.keystore
[infadev@infadev
bin]$
22. View the contents of the keystore:
[infadev@infadev
bin]$ keytool -list -v -alias tomcat -keystore tomcat.keystore
Enter
keystore password:
Alias
name: tomcat
Creation
date: Oct 23, 2017
Entry
type: PrivateKeyEntry
Certificate
chain length: 1
Certificate[1]:
Owner:
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US
Issuer:
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US
Serial
number: 111ef740
Valid
from: Mon Oct 23 16:39:26 CDT 2017 until: Sun Jul 19 16:39:26 CDT 2020
Certificate
fingerprints:
Version: 3
Extensions:
#1:
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier
[
KeyIdentifier
[
]
]
33. Self-signed Certificate
Generate a self-signed certificate using the MD5 algorithm and add
it to the keystore. (Note: Enter the password which was provided in step 1 when
prompted)
[infadev@infadev bin]$ keytool
-selfcert -alias tomcat -sigalg
“SHA256withRSA” -keypass Changeme1 -storepass Changeme1 -validity 365
-dname “CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US” -keystore
tomcat.keystore
- View the contents of the
keystore:
[infadev@infadev
bin]$ keytool -list -v -alias tomcat
-keystore tomcat.keystore
Enter
keystore password:
Alias
name: tomcat
Creation
date: Oct 23, 2017
Entry
type: PrivateKeyEntry
Certificate
chain length: 1
Certificate[1]:
Owner:
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US
Issuer:
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US
Serial
number: 32bc32f8
Valid
from: Mon Oct 23 16:47:09 CDT 2017 until: Tue Oct 23 16:47:09 CDT 2018
Certificate
fingerprints:
Version: 3
Extensions:
]
]
Step 5 : Copy the generated keystore file
to the INFA_HOME/tomcat/conf directory on the server.
Step 6: Shut down the node process by running infaservice.sh
shutdown.
Step 7: CD to the INFA_HOME/server directory, and run the
updateGatewayNode command. Please take a backup of the
INFA_HOME/isp/config/nodemeta.xml file before running this command.
./infasetup.sh updategatewaynode -da DBHost:1521 -du INFDOM -dp dbpwd
-ds infapp -dn Domain_dev -hs 8443 -kf
/sbx/informatica/9.6.1/tomcat/conf/tomcat.keystore -kp Changeme1
Step 8: Start Node
Step 9: Log into Admin Console with
host:port address – The page should redirect to the
HTTPS URL.