Integrating OpManager with ServiceNow using 3rd party / self-signed SSL Certificate
OpManager can be integrated easily with ServiceNow using a 3rd party / self-signed SSL Certificate by using the following steps :
Step1: Get the keystore file and password
- Get the key store file and password used while generating the SSL certificates in OpManager. If certificate is present already, skip to step 3.
- To get the file path and password, open the file "server.xml" located under "<OpManager_Installed_Dir>/conf/server.xml" and check for the <Connector> tag.
Step2: Export the SSL certificate from keystore file
- To export SSL certificate from keystore file, run the following command and if prompted for password, enter the password from step1
where Alias Name is the certificate alias name.
- You can get list of aliases from key store using the following command
Step3: Import the SSL Certificate
To import the SSL certificate to a new trust store, run the following command
- If SSL Certificate is self-signed
- If SSL Certificate is CA-signed
Note: The Truststore password can be any password
Step4: Import trust store to ServiceNow
- Go to the Service Now Instance and select System Definition -> Certificates -> New.
- Select Type as Java Key Store and provide Truststore Password in the Key Store Password field
- Now select the message attachments and add the opmservicenow.truststore file
- Validate files before updating using Validate Stores/Certificates option
and click on Submit
Step5: Create a protocol profile in Servicenow
- Go to Service Now Instance -> System Security -> Protocol Profiles -> New
- Set Protocol field as opmhttps and select the previously created Certificate entry in Keystore field
and click on Submit
Step6: Set the OPM host url in OpManager
- In OpManager go to Settings-> Basic Settings -> Addon/Product Settings -> Service Now
- Provide the service now instance details. At first OpManager will try to connect with default host url and fail. After that you can provide the OpManger Public URL manually.
- Note: The URL should be of the form opmhttps://host_name:web_port/ where the web_port is the OpManagers web port and host_name refers to the host name or IP Address of the OpManger Instance.