Integrating OpManager with ServiceNow using 3rd party / self-signed SSL Certificate
OpManager can be integrated easily with ServiceNow using a 3rd party / self-signed SSL Certificate by using the following steps:
Step 1: Get the keystore file and password
- Get the key store file and password used while generating the SSL certificates in OpManager. If certificate is present already, skip to step 3.
- To get the file path and password, open the file "server.xml" located under "<OpManager_Installed_Dir>/conf/server.xml" and check for the <Connector>tag.
Step 2: Export the SSL certificate from keystore file.
- To export SSL certificate from keystore file, run the following command and if prompted for password, enter the password from Step 1
where Alias Name is the certificate alias name.
- You can get list of aliases from key store using the following command
Step 3: Import the SSL Certificate.
To import the SSL certificate to a new trust store, run the following command
- If SSL Certificate is self-signed:
- If SSL Certificate is CA-signed:
Note: The Truststore password can be any password.
Step 4: Import Truststore to ServiceNow:
- Go to the ServiceNow Instance and select System Definition → Certificates → New.
- Select Type as Java Key Store and provide Truststore Password in the Key Store Passwordfield
- Now select the message attachments and add the opmservicenow.truststorefile.
- Validate files before updating using Validate Stores/Certificates option and click on Submit..
Step 5: Create a protocol profile in ServiceNow
- Go to ServiceNow Instance → System Security → Protocol Profiles → New
- Set Protocol field as opmhttps and select the previously created Certificate entry in Keystore field and click on Submit.
Step 6: Set the OPM host URL in OpManager.
- In OpManager go to Settings → General Settings → Third Party Integrations → ServiceNow and click 'Configure'.
- Provide the ServiceNow instance details, and click 'Save'. Note that the URL should be of the form opmhttps://host_name:web_port/ where the web_port is OpManager's web port and host_name refers to the host name or IP Address of the OpManager instance.