Certificates
The CAM Administration Service automatically generates a certificate that is used for storing credentials. If you have multiple CAM Administration Service machines, you can use CAM Certificate Manager to generate certificates that contain a persistent, private key that you can export so that you can use encrypted credentials on multiple CAM Administration Service machines.
Storage
Any certificates you create are stored in the Trusted Root Certificate Authorities hive in the machine store and optionally saved to the file system. The private key is encrypted and stored in the Registry for quick access by the CAM Administration Service. The private key is encrypted in a way that can only be decrypted on the same machine by a user who is an administrator on the machine. It is important to keep these machines secure.
Usage
After you create or export a certificate you want to use on a CAM Administration Service machine:
- Apply it by
running CAM Certificate Manager on that machine.
- If you're using CAM SaaS Analytics, you must run CAM Certificate Manager on the machine that has IIS hosting the CAM SaaS Analytics web application.
- Select the certificate and then select
Upload Certificate.
After uploading a certificate:
- Restart both the CAM SaaS Analytics IIS application pool and the CAM SaaS Analytics web application after you apply the certificate. If you use CSM, you can restart the IIS application pool by following the instructions in Reset IIS from the Service Monitor.
- To restart CAM Administration Service, open the Windows Services control panel, right-click CAM Administration Service, then select Restart.
If you previously copied an older certificate to other CAM Administration Service machines and then created a new certificate, export that newer certificate to the other machines.