To establish an SSL connection between Secure API Manager and Access Manager you must export the Access Manager trusted root certificate and then import the trusted root certificate to the appliance that will host the Database Service component.
Ensure that you import the Access Manager trusted root certificate before you deploy a Database Service component. The Deployment Manager copies the Access Manager trusted root certificate to each component when it deploys the component. If you do not import the Access Manager trusted root certificate, the Deployment Manager does not work properly. NetIQ wants to ensure that all communication between Secure API Manager and Access Manager is over SSL to avoid any security issues.
Ensure that you import the Access Manager trusted root certificate before you deploy a Database Service component. The Deployment Manager copies the Access Manager trusted root certificate to each component when it deploys the component. If you do not import the Access Manager trusted root certificate, the Deployment Manager does not work properly. NetIQ wants to ensure that all communication between Secure API Manager and Access Manager is over SSL to avoid any security issues.
To export the Access Manager trusted root certificate:
Log in to the Access Manager administration console.
Click Security > Trusted Roots.
Click the name of the trusted root certificate named configCA.
Click Export Public Certificate > DER File.
Access Manager automatically downloads the certificate.
Ensure that you can access this certificate from the appliance that will run the Database Service component.
After you have obtained a copy of the Access Manager trusted root certificate in the DER format, you must import the certificate to the appliance that will run the Database Service component.
To import the Access Manager trusted root certificate:
Log in to the appliance management console for the appliance that will become the first Database Service component using the root user and password that you set during the deployment of the appliance. For more information, see Deploying the Secure API Manager Appliances.
https://ip-address-or-dns-name-appliance:9443Click Digital Certificates.
In the Key Store field, select Custom Application Certificates.
Click File > Import > Trusted Certificate.
Click Browse and browse to and select the Access Manager trusted root certificate, then click Open.
Click OK.
In the toolbar, click Home, then click Reboot to reboot the appliance.
The reboot adds the Access Manager certificate to the appliance’s key store. At this point, you can finish the integration with Secure API Manager and Access Manager in the Deployment Manager. For more information, see Completing the Integration Between Secure API Manager and Access Manager.