Getting Started with iManage Security Policy Manager in the Cloud

On this page:

About certificates for import
Obtaining the certificate
Installing the certificate

About certificates for import

An SSL certificate is a digital certificate that enables an encrypted connection between the system you are importing from and SPM, by authenticating the identity of the SPM Server that the import is connecting to.

SSL is enabled in SPM Service in the Cloud. In order to connect to SPM over SSL, you must add the full chain of trust of the SPM Server SSL certificate to the java truststore of the system from which you are performing the import(s). Details on how you can do this are provided in the subsections below.

Obtaining the certificate

The steps below show how to obtain the full chain of trust of the SPM Server SSL certificate, in PEM format, Mozilla® Firefox®. However, similar steps can be performed in other browsers - refer to the relevant browser product documentation for more information.

Log in to SPM Administration Console using Mozilla® Firefox®. (See Access SPM and assign initial administrative roles.)
Select the padlock icon beside the address bar. Connection security information is displayed.
Select More Information. The Page Info dialog opens at the Security tab.
Select View Certificate. The certificate information is displayed.
Under Miscellaneous, select (Download) PEM (chain).
Select to view the downloaded PEM file.

TIP: To check the certificate downloaded is in the correct (PEM, Base64) format, you can open the file in a text editor. PEM files are displayed as follows:

-----BEGIN CERTIFICATE-----
<certificate information>
-----END CERTIFICATE-----

where <certificate information> is the certificate content, comprising alphanumeric and special characters.

Save the file, noting its location. You will need this when installing the certificate.

Installing the certificate

Copy/Install the certificate onto the machine from which you are performing the import(s). The following steps describe how to do this:

Open the command line interface as a user with administrator access.
Import the certificate into the java truststore using a command similar to:

<keytool.exe location> -importcert -file <certificate location> -alias <cert alias> -keystore "<truststore location>"

Where:
- <keytool.exe location> is the location of the Java Keytool EXE. This EXE is included within standard JDK or JRE distributions, for example: "%JAVA_HOME%\bin\keytool".
  - <certificate location> is the filepath to the certificate including the certificate name.
  - <truststore location> is the location of the cacerts truststore file, for example C:\Program Files\Java\<JAVA_VERSION>\lib\security\cacerts
  - <cert alias> is the optional alias of the certificate.
Enter the truststore password when prompted. (The default truststore password is changeit.)

The certificate is now in place to enable the import to connect to SPM Service in the Cloud.