SV - Enable TLS 1.2 for DevTest and SSL communication between components


Article ID: 140760


Updated On:


CLOUDTEST CA Application Test CA Cloud Test Mobile MOBILECLOUD Service Virtualization


We  must move to TLS 1.2 with DevTest 10.4. Due to security mandates, we must use TLS 1.2 or higher.  Also , we would like to use SSL communication between DevTest components. 
How to acheive that?  


Release : 10.4

Component : CA Service Virtualization


Create a signed CA Cert  for the Server  that has   IAM , Registry, VSE , portal, Broker.Coordinator, Simulator .  Make sure you use the FQDN and Short  names  for the Domain name.  

Here are the configuration that you would do..


1. Configure IAM for SSL : How to implement a keystore with a CA chain with DevTest IAM

  • 1. Copy your certificate to this folder: DEVTEST_HOME/IdentityAccessManager/certs
  • 2. Made a backup of the DEVTEST_HOME/IdentityAccessManager/standalone/configuration/standalone.xml file.
  • 3. Edit this file and change this line:

Change webreckeys.ks to be your keystore and passphrase to be your password.

Restarted IAM and was able to bring up the browser and show the IAM URL as being secured.

Bring up Browser and enter URL https://

:51111 for IAM.

Note: Have noticed with Firefox, that the certificate chain is not automatically pulled into the browser, so the root and intermediate certificates had to be manually imported into the Firefox. Chrome and IE work without having to do this.

2. To enable HTTPS with Enterprise Dashboard :

In the Enterprise Dashboard Server, edit the file and uncomment the following properties, provide your own keystore or leave the default:

dradis.webserver.ssl.keystore.location=keystore.jks (do not provide {{DRADIS_HOME}}, place the keystore under LISA_HOME and provide the keystore name in this property)

3. This property enables SSL communication between components - Registry, Broker, Coordinator, Simulator, VSE, and Workstation

In the enabled the following property:

This property enables SSL communication between components - Registry, Broker, Coordinator, Simulator, VSE, and Workstation

If DevTest is installed in a distributed environment, the property above needs to be enabled in each server.

By default DevTest will use the webreckeys.ks. A self-signed keystore delivered with DevTest issued to Lisa.

To use your own keystore and not the webreckeys.ks, provide your keystore under the properties below in the file in the Registry server:{{LISA_HOME}}keystore.jks

When you are using your own keystore, you will need to create a truststore with the keypair certificate and provide it with the two properties below:{{LISA_HOME}}truststore.ts

More details to create the truststore in the link below:

If you have a distributed environment, the truststore needs to be provided in each remote server as well.

Without the truststore, the Coordinator, Simulator, VSE and Workstation will not be able to connect to the Registry.

You will start seeing the following messages in the registry.log file:

SEVERE: Could not accept connection : Received fatal alert: certificate_unknown

Still in the Registry server, edit the and enable the following properties:


These properties enable HTTPS on port 1505 - the previous DevTest Console.

For TLSv version
in the add

4, In the Portal server, edit the file, uncomment and configure the following properties:


Save the modified properties files.

Restart DevTest components.