CentraSite 10.11 | CentraSite Administrator’s Guide | Configuring CentraSite | Configuring Secure Communication Between Components | Securing Communication Between the CRR and the CAST | Obtaining Security Configuration of CentraSite Registry Repository
 
Obtaining Security Configuration of CentraSite Registry Repository
Pre-requisites:
To fetch the security communication for CentraSite Registry Repository (CRR) through the Command Line Interface, you must have the CentraSite Administrator role.
You can view the SSL security values of CentraSite Registry Repository environment.
CentraSite provides a command tool named get SSL RR for this purpose.
*Run the command get SSL RR.
The syntax is of the format: C:\SoftwareAG\CentraSite\utilities>CentraSiteCommand.cmd get SSL RR -file <CONFIG-FILE>
The input parameters are:
Parameter
Description
CONFIG-FILE
The absolute or relative path to the XML configuration file, RR-config.xml, containing the security properties. If relative, the path should be relative to the location from where the command is executed.
Example (all in one line):
C:\SoftwareAG\CentraSite\utilities>CentraSiteCommand.cmd get SSL RR -file RR-config.xml
The response to this command is as follows:
Executing the command : get SSL RR

Successfully executed the command : get SSL RR
Sample RR-config.xml configuration file is as follows:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
<entry key="com.softwareag.centrasite.security.keyStore">
C:/SoftwareAG/CentraSite/test/files/certs/castcert.p12
</entry>
<entry key="com.softwareag.centrasite.security.keyStorePassword">
cscert
</entry>
<entry key="com.softwareag.centrasite.security.keyStoreType">PKCS12
</entry>
<entry key="com.softwareag.centrasite.security.trustStore">
C:/SoftwareAG/CentraSite/test/files/certs/casttrust.p12
</entry>
<entry key="com.softwareag.centrasite.security.trustStorePassword">
cscert
</entry>
<entry key="com.softwareag.centrasite.security.trustStoreType">
PKCS12
</entry>
<entry key="com.softwareag.centrasite.security.crr.trustStore">
C:/SoftwareAG/CentraSite/test/files/certs/crrtrust.pem
</entry>
<entry key="com.softwareag.centrasite.security.crr.certificate">
C:/SoftwareAG/CentraSite/test/files/certs/crrcert.crt
</entry>
<entry key="com.softwareag.centrasite.security.crr.keyFile">
C:/SoftwareAG/CentraSite/test/files/certs/crr.key
</entry>
<entry key="com.softwareag.centrasite.security.crr.storePassword">
cscert
</entry>
</properties>
The RR configuration file has two sets of SSL parameters, com.softwareag.centrasite.security.* and com.softwareag.centrasite.security.crr.*. The com.softwareag.centrasite.security.crr.* properties enables the SSL communication for CRR Java-based server extensions and the com.softwareag.centrasite.security.* properties enables the SSL CAST communication.
Note:
The crr.storePassword is only needed if the com.softwareag.centrasite.security.crr.keyFile private key file is encrypted.