Enable HTTPS and SSL between All DevTest Components Using Your Own Keystore

book

Article ID: 109006

calendar_today

Updated On:

Products

CA Application Test Service Virtualization CA Continuous Application Insight (PathFinder)

Issue/Introduction

How to enable HTTPS and SSL between DevTest Components Using Your Own Keystore

Cause

N/A

Environment

All supported releases and platforms of DevTest.

Resolution

The keystore will need to have the entire needed certificate chain (root, intermediate, server). 


Put the keystore in the DEVTEST_HOME folder of where each component is running.


Update these properties files and restart DevTest Components:

 

iam.properties file of where Identity Access Manager (IAM) is running:  By default IAM is https enabled.

iam.keystore=${IAM_HOME}certs/<your keystore here>
iam.keystore.password=<your keystore password, it gets stored in vault after IAM is started>
iam.truststore=${IAM_HOME}certs/<your trustore here, normally your keystore>
iam.truststore.password=<your trustore password, it gets stored in vault after IAM is started>



dradis.properties file of where your Enterprise Dashboard is running: 

dradis.webserver.https.enabled=true 
dradis.webserver.ssl.keystore.location=${DRADIS_HOME}YOURKEYSTORE 
dradis.webserver.ssl.keystore.password=(your keystore password) 
dradis.webserver.ssl.keymanager.password=(your keymanager password) 



site.properties file of where Registry is running: 

devtest.enterprisedashboard.https.enabled=true 



phoenix.properties of where Portal is running: 

registry.https.enabled=true 

phoenix.https.enabled=true 
phoenix.ssl.keystore=${LISA_HOME}/(your keystore) 
phoenix.ssl.keystore.password=(your keystore password) 
phoenix.ssl.keymanager.password=(your keymanager password) 


local.properties file of where each DevTest component is installed in case distributed: 

lisa.net.keyStore={{LISA_HOME}}/(your keystore)
lisa.net.keyStore.password={{LISA_HOME}}/(your keystore)

lisa.net.trustStore={{LISA_HOME}}/(your keystore)
lisa.net.trustStore.password={{LISA_HOME}}/(your keystore)

lisa.net.default.protocol=ssl 

lisa.webserver.https.enabled=true 
lisa.webserver.ssl.keystore.location={{LISA_HOME}}/(your keystore) 
lisa.webserver.ssl.keystore.password=(your keystore password) 
lisa.webserver.ssl.keymanager.password=(your keymanager password) 

lisa.portal.url.prefix=https:// 
 

 

vscatalog.vmoptions (if running as a server) or vscatalogService.vmoptions (if running as a service) of where the VS Catalog is running:

-Dsvcatalog.auth.host.url=https://IAM_MACHINE:51111/auth                                                  <=== where your IAM is running
-Dserver.ssl.key-store=file:///C:/DevTest10.6.0/VSCatalog/YOURKEYSTORE                        <=== fully qualified path to where your keystore is    (this example on Windows)
-Dserver.ssl.key-password=YOURKEYSTOREPASWD                                                           <=== password of keystore (note it will not get encrypted)
-Dserver.ssl.key-alias=KEYSTOREALIASNAMEOFYOURKEYPAIR                                       <=== make sure the alias name has no spaces 
-Dserver.ssl.key-store-provider=SUN
-Dserver.ssl.key-store-type=JKS
-Dlisa.webserver.https.enabled=true

 

Note: When starting SSL enabled Broker service , if you face any SSL issues, please see the document link below

https://knowledge.broadcom.com/external/article?articleId=205742

 

Additional Information

Of SSL, SNI, Java and DevTest 

https://community.broadcom.com/enterprisesoftware/viewdocument/of-ssl-sni-java-and-devtest?CommunityKey=94bda077-625b-4914-8ac3-c88a06c2cc23&tab=librarydocuments