Overview
System-to-System (S2S) functionality allows an institution to transmit proposals from Kuali Research to Grants.gov. In order to utilize this functionality, configuration is required to obtain and set up the necessary S2S certificates. Below is an outline of the configuration and authorization steps needed for these certificates. If you are a hosted customer, Kuali will work with you directly and make the necessary technical configurations on your behalf to get this setup.
Technical Configuration (Self-Hosted)
If hosted, this required technical configuration will be done by the Kuali team but if you're an on-prem customer the below steps outline the process.
Familiarize yourself with Grants.gov-provided instructions.
Build a Java Keystore (JKS) with certificate
- Procure a Certificate from a Certificate Authority (Digicert, Comodo, etc...)
- Kuali Research requires a Java Keystore (JKS) file. You may need to convert what the CA provides to this format.
- Search online for instructions on how to convert from the format provided by your CA to JKS. For example: P12 to JKS
- When importing your certificate to the JKS file, include your organization's DUNS number as the certificate alias.
- Multiple certificates, each aliased with a DUNS number, can reside in a single JKS.
Register with Grants.gov
Grants.gov requires the following information in order to register the certificate:
- Organization Name
- Unique Entity Identifier (UEI)
- Organization Email
- Certificate Serial Number
- Public Certificate PEM File
- Target Grants.gov Environment: Training or Production
Grants.gov certificates will be installed in the instances specified in your request form. The training site will be used for testing and configuration. Those institutions who have never accessed the grants.gov training site must register at https://training.grants.gov/web/grants/register.html before they can log in and authorize the S2S certificate on the training.grants.gov website.
Once a certificate is obtained, submit the certificate to Grants.Gov using the provided PDF. When notification that the certificate has been installed, the E-Biz point of Contact needs to log into Grants.Gov and authorize the new AOR. This action needs to be done in both the grants.gov and training.grants.gov sites. See the section below on authorizing certificates.
Configuration Parameters - Grants.gov
Update the following parameters in kc-config.xml:
- s2s.keystore.location - The full path to your Keystore.
- s2s.keystore.password - The Keystore Password.
- s2s.truststore.location - Path to an updated 'cacerts' file.
- s2s.truststore.password - Password for the cacerts file.
Set System Parameters
- s2s.polling.scheduler.enabled=TRUE|FALSE
- s2s.polling.scheduler.cronExpression = 0 0/20 * * * ? (can be changed to whatever timing you want; default is every 20 minutes)
- SCHEDULER_SERVICE_ENABLED=1|0
- PROPOSAL_CONTACT_TYPE=<UNIT_ADMINISTRATOR_TYPE_CODE > for the “Grants.Gov Proposal Contact” type
Authorizing Certificates
Once you have submitted your certificates and receive an email from Grants.gov about authorizing, you can follow the steps below to complete this process:
- Go to the appropriate Grants.gov URL. (PRD = http://grants.gov; SBX = http://training.grants.gov)
- In the top, right corner of the homepage, click on the LOGIN link.
- From the right-hand corner, select the [Login as EBIZ POC] button.
- Enter the user credentials and click the [Login] button.
- Select the Manage Certificates link in the left navigation menu. Only the EBiz POC or a user with the Expanded AOR role will be able to access the Manage Certificates link.
- Select the Manage Roles link under the Actions column for the certificate whose roles you wish to view or change. The Manage Roles for Applicants pop-up window will open.
- In the Certificate Role section, select the Expanded AOR Certificate role.
- Click the Save button to apply your changes.
- The steps above will need to be done in both the PRD and Test/Training Grants.gov sites.
Comments
0 comments
Article is closed for comments.