ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Configure HTTPS to the DevTest Portal and the Registry with a self-signed certificate

book

Article ID: 213871

calendar_today

Updated On:

Products

Service Virtualization

Issue/Introduction

How to configure HTTPS from the browser for just the DevTest Portal and the Registry with a self-signed certificate.

Environment

Release : 10.5, 10.6

Component : CA Service Virtualization

Resolution

1) Create a self-signed certificate and keystore with the following command in the DevTest home folder: 
"C:\Program Files\CA\DevTest\jre\bin\keytool" -genkey -alias "self-sign devtest" -keyalg RSA -keystore "C:\Program Files\CA\DevTest\sskeystore.jks" -ext san=dns:<hostname>,dns:<FQDN hostname>,dns:localhost
For <hostname> and <FQDN hostname> use the hostname where the portal is running.
Then for the question 'What is your first and last name?' enter the same hostname.
Answer other questions as appropriate and remember the password.

2) Export the self-signed certificate from the keystore and add this to the root certificates used by the browser:
"C:\Program Files\CA\DevTest\jre\bin\keytool" -storepass *** -keypass *** -export -keystore "C:\Program Files\CA\DevTest\sskeystore.jks" -alias "self-sign devtest" -file "C:\Program Files\CA\DevTest\sskeystore.cer"

In Google Chrome the certificates can be accessed from Settings -> Privacy and Security -> Security -> Manage Certificates

3) Configure the following properties files: 
local.properties:

lisa.webserver.https.enabled=true
lisa.webserver.ssl.keystore.location={{LISA_HOME}}sskeystore.jks
lisa.webserver.ssl.keystore.password=...
lisa.webserver.ssl.keymanager.password=...
lisa.portal.url.prefix=https://
https.protocols=TLSv1.2,TLSv1.1,TLSv1.0

phoenix.properties:

registry.https.enabled=true
phoenix.https.enabled=true
phoenix.ssl.keystore=${LISA_HOME}/sskeystore.jks
phoenix.ssl.keystore.password=...
phoenix.ssl.keymanager.password=...

4) Restart the DevTest services and access the DevTest portal from the browser with: 
https://<hostname>:1507/devtest

Additional Information

To configure HTTPS and SSL between all DevTest Components using your own keystore see:
https://knowledge.broadcom.com/external/article?articleId=109006