Secure communication Guide for RA CLI

ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Secure communication Guide for RA CLI

book

Article ID: 188006

calendar_today

Updated On:

Products

CA Release Automation - Release Operations Center (Nolio) CA Release Automation - DataManagement Server (Nolio)

Issue/Introduction

We have Release Automation(RA) configured to run only on SSL. We have CLI (Command Line Interface) which we want to communicate with RA Server over SSL. How can we configure the CLI to connect with RA over SSL as currently we don't find any clear instructions of doing same.

Environment

Release Automation Server version: 6.5, 6.6, 6.7 or higher
CLI version: 6.5.0.10007, 6.6.0.9640,6.7.0.94 or higher

Component : CA RELEASE AUTOMATION CORE

Resolution

Please find steps to configure CLI to connect to RA on SSL

Configure SSL at Release Automation as per guide Secure UI Communication

Copy the nolio.jks file generated following the guide Secure UI Communication in step 3 i.e. "keytool -importcert -alias ra-ms -file ms.crt -keystore nolio.jks -v -rfc" to the server where CLI is installed. For example in our case we copied the same to /CLI Install Dir/conf/custom folder.

Created copies of the following files:

```
asap.cmd => asap_c.cmd
```
```
asap.sh => asap_c.sh
```
```
nolio.cmd => nolio_c.cmd
```
```
nolio.sh => nolio_c.sh
```

Changed security parameters specified in the SECURITY_OPTS in above mentioned respective files i.e. asap.cmd, nolio.cmd, asap.sh and nolio.sh to point to new truststore and keystore

Example:

FROM

set SECURITY_OPTS=-Djavax.net.ssl.trustStore=conf/nolio.jks -Djavax.net.ssl.trustStorePassword=******* -Djavax.net.ssl.keyStore=conf/nolio.jks -Djavax.net.ssl.keyStorePassword=*****

set SECURITY_OPTS=-Djavax.net.ssl.trustStore=conf/custom/nolio.jks -Djavax.net.ssl.trustStorePassword=<keystore-password> -Djavax.net.ssl.keyStore=conf/custom/nolio.jks -Djavax.net.ssl.keyStorePassword=<keystore-password>

Additional Information

In case if above doesn't work in your environment please contact Release Automation Technical Support providing below information

The files from your CLI ie. asap.sh, nolio.sh (In case if using windows shared nolio.cmd, asap.cmd)

Please share with us the output of below command written in keystore_out.txt

    keytool -list -v -keystore nolio.jks  >keystore_out.txt

Feedback

thumb_up Yes

thumb_down No