Using SSL communication between DevTest components
search cancel

Using SSL communication between DevTest components

book

Article ID: 113672

calendar_today

Updated On:

Products

Service Virtualization

Issue/Introduction

How to configure SSL between DevTest components using my own keystore.

Environment

All supported DevTest releases.

Cause

N/A

Resolution

Here are the steps to configure SSL between all DevTest components and using your own keystore.

 

In the local.properties enabled the following property:

lisa.net.default.protocol=ssl

This property enables SSL communication between components - Registry, Broker, Coordinator, Simulator, VSE, and Workstation

If DevTest is installed in a distributed environment, the property above needs to be enabled in each server.

 

By default DevTest will use the webreckeys.ks. A self-signed keystore delivered with DevTest issued to Lisa.

To use your own keystore and not the webreckeys.ks, provide your keystore under the properties below in the local.properties file in the Registry server: 

lisa.net.keyStore={{LISA_HOME}}keystore.jks
lisa.net.keyStore.password=PlainTextPasswordWilBeConvertedToEncrypted

 

When you are using your own keystore, you will need to create a truststore with the keypair certificate and provide it with the two properties below:

lisa.net.trustStore={{LISA_HOME}}truststore.ts
lisa.net.trustStore.password=PlainTextPasswordWilBeConvertedToEncrypted

 

If you have a distributed environment, the truststore needs to be provided in each remote server as well. 

Without the truststore, the Coordinator, Simulator, VSE and Workstation will not be able to connect to the Registry.

You will start seeing the following messages in the registry.log file:

SEVERE: Could not accept connection : javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

 

Still in the Registry server, edit the local.properties and enable the following properties:

lisa.webserver.https.enabled=true
lisa.webserver.ssl.keystore.location={{LISA_HOME}}webserver.ks
lisa.webserver.ssl.keystore.password=yourpassword
lisa.webserver.ssl.keymanager.password=yourpassword
lisa.portal.url.prefix=https://

These properties enable HTTPS on port 1505 - the previous DevTest Console.

 

With the settings above you will enable SSL communication between DevTest components, but Portal and Enterprise Dashboard will still be responding via HTTP and not HTTPS.



To enable HTTPS with Enterprise Dashboard and Portal, please follow the steps below: 

 

In the Enterprise Dashboard Server, edit the dradis.properties file and uncomment the following properties, provide your own keystore or leave the default:

dradis.webserver.https.enabled=true
dradis.webserver.ssl.keystore.location=keystore.jks  (do not provide {{DRADIS_HOME}}, place the keystore under LISA_HOME and provide the keystore name in this property)
dradis.webserver.ssl.keystore.password=yourpassword
dradis.webserver.ssl.keymanager.password=yourpassword

 

In the Registry server, enable the property below. This property is available on the site.properties file:

devtest.enterprisedashboard.https.enabled=true

This property tells the Registry to connect to the Enterprise Dashboard over SSL.

 

In the Portal server, edit the phoenix.properties file, uncomment and configure the following properties:

registry.https.enabled=true
phoenix.https.enabled=true
phoenix.ssl.keystore=${LISA_HOME}/keystore.jks
phoenix.ssl.keystore.password=yourpassword
phoenix.ssl.keymanager.password=yourpassword

 

Save the modified properties files.

Restart DevTest components.

Powered by Wolken Software