How to configure Quality Center to use https?

  • Questions
  • How to configure Quality Center to use https?
Question ID: 104084
3
0

How to configure Quality Center to use https?

Marked as spam
Posted by (Questions: 70, Answers: 111)
Asked on April 7, 2010 5:41 pm
33 views
Answers (2)
3
Private answer

Enabling SSL support for Quality Center with Jboss

Assumptions

  1. Quality Center installed in "C:Program FilesHPQuality Center”
  2. JBOSS is being used for web server and application server.

Steps

After installing QC with JBoss as an application server and Web server, use the following instructions to create the corresponding keystore file and place the files on the server:

  1. Navigate to the QC _jvm directory.
    • cd "C:Program FilesHPQuality Center_jvm"
  2. Run the following commands. Make sure to replace "<server machine name>" with the name of the QC server:
    • set SERVER_DN="CN=<server machine name>, OU=X, O=Y, L=Z, S=XY, C=YZ"
    • set CLIENT_DN="CN=Client, OU=X, O=Y, L=Z, S=XY, C=YZ"
    • set KSDEFAULTS=-storepass changeit
    • set KEYINFO=-keyalg RSA
    • keytool -genkey -alias tomcat -dname %SERVER_DN% %KSDEFAULTS% -keystore server.keystore %KEYINFO% -keypass changeit
    • keytool -export -alias tomcat -file temp_server.cer %KSDEFAULTS% -keystore server.keystore
    • keytool -import -v -trustcacerts -alias tomcat -file temp_server.cer %KSDEFAULTS% -keystore client.keystore.trust -keypass changeit

    NOTE: Keytool executable file located under “C:Program FilesHPQuality Center_jvmbin”

  3. Make a backup copy of the “C:Program FilesHPQuality Center_jvmlibsecuritycacerts” file. Replace this original "cacerts" file with the "client.keystore.trust" file created by the commands above by copying "client.keystore.trust" to the ...security directory and renaming it to "cacerts."

  4. Place the server.keystore file in an accessible path (e.g., C:CAsserver.keystore).

  5. Copy (back up) the server.xml file from the “C:Program FilesHPQuality Centerjbossserverdefaultdeployjbossweb-tomcat55.sar” directory.

  6. Edit the "server.xml" file:

    • Uncomment the SSL connector, edit the keystoreFile and keystorePass options:

            <!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
                    <Connector port="8443" address="${jboss.bind.address}"
                      maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
                      scheme="https" secure="true" clientAuth="false"
                      keystoreFile="C:CAsserver.keystore"
                     keystorePass="changeit" sslProtocol="TLS" />

    • Comment out the HTTP connector in the server.xml file.

    <!-- A HTTP/1.1 Connector on port 8080
    <Connector port="8081" address="${jboss.bind.address}"
             maxThreads="250" minSpareThreads="25" maxSpareThreads="75"
       &n

Marked as spam
Posted by (Questions: 0, Answers: 613)
Answered on April 7, 2010 8:22 pm
3
Private answer

Here is a cmd file to do many of the steps for you.
Same Path assumptions apply.


cd ''C:Program FilesHPQuality Center_jvm''

del server.keystore
del temp_server.cer
del client.keystore.trust

set SERVER_DN=''CN=ws2003, OU=X, O=Y, L=Z, S=XY, C=YZ''
set CLIENT_DN=''CN=Client, OU=X, O=Y, L=Z, S=XY, C=YZ''
set KSDEFAULTS=-storepass changeit
set KEYINFO=-keyalg RSA

.binkeytool -genkey -alias tomcat -dname %SERVER_DN% %KSDEFAULTS% -keystore
server.keystore %KEYINFO% -keypass changeit -validity 365

.binkeytool -export -alias tomcat -file temp_server.cer %KSDEFAULTS% -keystore
server.keystore

.binkeytool -import -v -trustcacerts -alias tomcat -file temp_server.cer %KSDEFAULTS%
-keystore client.keystore.trust -keypass changeit

copy .libsecuritycacerts .libsecuritybackup_cacerts

copy .client.keystore.trust .libsecuritycacerts

md c:CAs

copy .server.keystore c:CAs

cd ''C:Program FilesHPQuality Centerjbossserverdefaultdeployjbossweb-tomcat55.sar''

notepad server.xml

net stop ''HP Quality Center''

net start ''HP Quality Center''


Marked as spam
Posted by (Questions: 0, Answers: 613)
Answered on April 7, 2010 8:35 pm