Add root CA certificates

For systems deployed with SSL, where the root CA on the target system is different from the root CA on the source system, bi-directional CA trust must be established.

The following CA trust is required for the Data Center and site servers communication:

• The target data center root CA certificate must be trusted by the source site servers, excluding the Survey Servers.

• The source site servers root CA certificate must be trusted by the target data center.

Procedure 

1. Add root CA certificates to source site servers as follows:

   1. Copy the root CA certificates used to sign the target Application Server certificates to the following location on all source site servers: %IMPACT360SOFTWAREDIR%Conf\security.

   2. Open a command window as an Administrator and navigate to %IMPACT360SOFTWAREDIR%Conf\security.

   3. Run the following command for each root CA certificate: InstallRootCACert.cmd <root_CA_certificate>.

2. Add root CA certificates to target Application Servers as follows:

   1. Copy the root CA certificates used to sign the source site servers certificates to the following location on all target Application servers: %IMPACT360SOFTWAREDIR%Conf\security.

   2. Open a command window as an Administrator and navigate to %IMPACT360SOFTWAREDIR%Conf\security.

   3. Run the following command for each root CA certificate: InstallRootCACert.cmd <root_CA_certificate>.