To import RSA Tokens using the Network Configuration Manager RSA Token Service Tool, follow these steps:

The windows service NCM_RSATokenService is stopped and restarted when running the Network Configuration Manager RSA Token Service Tool.

Step

Action

1

Log into the server as a user with administrator privileges using the Windows Account username and password created in steps 7 and 8 of the section “Installing the RSA Token Service using the graphical installer mode” on page 146.

3

Open a command prompt and navigate to the [Product Directory]\tokenservice\bin directory.

4

Note:

Running the Network Configuration Manager RSA Token Service Tool will delete the .sdtid file. It is advisable to backup the .sdtid file before running the Network Configuration Manager RSA Token Service Tool.

To run the Network Configuration Manager RSA Token Service Tool:

  • Type NCMRSATokenService -importTokens <Directory Path>, where <Directory Path> is the location of the RSA software token files (in .sdtid format) exported from the RSA Authentication Manager and must be copied manually on to the Token Server.

  • Press Enter.

    Note:

    More than one .sdtid file can be placed in the <Directory Path> directory.

5

Authenticate with the Network Configuration Manager RSA Token Service utility.

6

Verify the .sdtid files are password protected.

  • Enter yes or no at the prompt.

  • If you entered yes, type the password for the .sdtid files.

The Network Configuration Manager RSA Token Service Tool may take several hours to complete if you are importing a large number of RSA tokens into the Network Configuration Manager RSA Token Server.

7

  1. Manually download the server certificate, using the Browser, from the RSA token server and add it as a trusted certificate in the keystore.

  2. Create the RSA.cer by downloading the certificate

  3. In the NCM AS, run the following commands:

    $VOYENCE_HOME/java/bin/keytool -keystore
    $VOYENCE_HOME/java/jre/lib/security/cacerts -import -file /RSA.cer -alias VCRSA