This article applies to environments that were upgraded from CG 1.1.2 (with Sentinel embedded) to CG 1.1.3 SP9 or higher (still using Sentinel embedded).

In this case the sso.jks was updated while applying SP9/SP10 and there is only one extra action to be taken in order to have the embedded Sentinel working properly on CG 113.

After updating the sso.jks via SP9/SP10 the Sentinel Report, Audit and Monitoring may not be accessible anymore from the CG UI.

There are 2 options for restoring access to the Sentinel Report, Audit and Monitoring from the CG UI:

Option 1: import passportca.cer via KeyStore Explorer

1. Download the attached passportca.cer

2. Open the truststoreSSO.jks with KeyStore Explorer

• the truststoreSSO.jks is located in CentralGovernance\runtime\com.axway.nodes.sentinel_NNNN\sentinel\conf\security
• The jks password is the CG Encryption Key value

3. Import the passportca.cer into the truststoreSSO.jks

4. Start CG and start the Sentinel server.

or

Option 2: import passportca.cer via keytool command

1. Download the attached passportca.cer

2. Execute

keytool -import -alias passport -file passportca.cer -keystore truststoreSSO.jks

• the truststoreSSO.jks is located in CentralGovernance\runtime\com.axway.nodes.sentinel_NNNN\sentinel\conf\security
• The jks password is the CG Encryption Key value

3. Start CG and start the Sentinel server.