KeyTool GUI Instructions

Summary:

This document provides a guide on how to troubleshoot issues importing certificates into the cacerts file using KeyToolGui while logged into an ArcSight ESM Console workstation. The steps include navigating to the console's installation directory, running "arcsight keytoolgui", opening the keystore at "\connector\current\jre\lib\security\cacerts", entering the default password (changeit or changeme), importing a trusted certificate into cacerts by selecting it from the list and saving it. For testing purposes, use demo certificates if available, otherwise follow these steps to resolve issues.

Details:

KeyToolGui Instructions are provided as a guide for users who encounter difficulties in importing certificates into their cacerts from the command line. To use this tool, follow these steps while logged into any workstation connected to the ArcSight ESM Console: 1. Navigate to the directory where the console is installed (e.g., arcsight\console\current\bin). 2. Type "arcsight keytoolgui" and press Enter. 3. On the displayed screen, select "File" > "Open Keystore", then browse to the connector's location: \connector\current\jre\lib\security\cacerts. 4. You will be prompted for a password; use the default suggested password "changeit". If this does not work, try using "changeme". 5. Upon successfully entering the correct password, you will see the list of cacerts content. 6. Select "Tools" > "Import Trusted Certificate", and then import your certificate into the cacert. Under "File," choose to save it. 7. If available for testing, use demo certificates; otherwise, proceed with the above steps as per the instructions provided.