search cancel

Secure communication Guide for RA CLI

book

Article ID: 188006

calendar_today

Updated On:

Products

CA Release Automation - Release Operations Center (Nolio) CA Release Automation - DataManagement Server (Nolio)

Issue/Introduction

We have Release Automation(RA) configured to run only on SSL. We have CLI (Command Line Interface) which we want to communicate with RA Server over SSL.  How can we configure the CLI to connect with RA over SSL as currently we don't find any clear instructions of doing same.

Environment

Release Automation Server version: 6.5, 6.6, 6.7 or higher
CLI version: 6.5.0.10007, 6.6.0.9640,6.7.0.94 or higher

Component : CA RELEASE AUTOMATION CORE

Resolution

Please find steps to configure CLI to connect to RA on SSL

  • Copy the nolio.jks file generated following the guide Secure UI Communication in step 3 i.e. "keytool -importcert -alias ra-ms -file ms.crt -keystore nolio.jks -v -rfc" to the server where CLI is installed. For example in our case we copied the same to /CLI Install Dir/conf/custom folder.

  • Created copies of the following files:
    • asap.cmd => asap_c.cmd
    • asap.sh => asap_c.sh
    • nolio.cmd => nolio_c.cmd
    • nolio.sh => nolio_c.sh
  • Changed security parameters specified in the SECURITY_OPTS in above mentioned respective files i.e. asap.cmd, nolio.cmd, asap.sh and nolio.sh to point to new truststore and keystore
Example:

FROM

set SECURITY_OPTS=-Djavax.net.ssl.trustStore=conf/nolio.jks -Djavax.net.ssl.trustStorePassword=******* -Djavax.net.ssl.keyStore=conf/nolio.jks -Djavax.net.ssl.keyStorePassword=*****

TO

set SECURITY_OPTS=-Djavax.net.ssl.trustStore=conf/custom/nolio.jks -Djavax.net.ssl.trustStorePassword=<keystore-password> -Djavax.net.ssl.keyStore=conf/custom/nolio.jks -Djavax.net.ssl.keyStorePassword=<keystore-password>

Additional Information

In case if above doesn't work in your environment please contact Release Automation Technical Support providing below information
  • The files from your CLI ie. asap.sh, nolio.sh (In case if using windows shared nolio.cmd, asap.cmd)


  • Please share with us the output of below command written in keystore_out.txt
    keytool -list -v -keystore nolio.jks  >keystore_out.txt