How to configure Quality Center using JBoss to work with HTTPS/SSL

  • Questions
  • How to configure Quality Center using JBoss to work with HTTPS/SSL
Question ID: 104029
1
0

How do I configure Quality Center to use a secure port using SSL (secure socket layer) or HTTPS request?

Marked as spam
Posted by (Questions: 15, Answers: 10)
Asked on February 4, 2010 4:47 pm
19 views
Answers (2)
3
Private answer

Enabling SSL support for Quality Center with JBoss

  1. After installing QC with JBoss as an application server and Web server, use the following instructions to create the corresponding keystore file and place the files on the server:

    In a command Prompt, navigate to the Java bin directory (or JRE) (install it if you do not have it).

    Default location: Quality Center 10.0: C:Program FilesHPQuality Centerjavajrebin.

    Run the following commands.
    Make sure to replace <server name> with the name of the QC server:

    set SERVER_DN=''CN=<server name>, OU=X, O=Y, L=Z, S=XY, C=YZ''
    
    
    set CLIENT_DN=''CN=Client, OU=X, O=Y, L=Z, S=XY, C=YZ''
    
    
    set KSDEFAULTS=-storepass changeit
    
    
    set KEYINFO=-keyalg RSA
    
    
    keytool -genkey -alias tomcat -dname %SERVER_DN% %KSDEFAULTS% -keystore server.keystore %KEYINFO% -keypass changeit 
    
    
    keytool -export -alias tomcat -file temp_server.cer %KSDEFAULTS% -keystore server.keystore 
    
    
    keytool -import -v -trustcacerts -alias tomcat -file temp_server.cer %KSDEFAULTS% -keystore client.keystore.trust -keypass changeit
    

    note: Keytool executable file located under $INSTALL_FOLDER/_jvm/jre/bin

    Make a backup copy of the jrelibsecuritycacerts file. Replace this original ''cacerts'' file with the ''client.keystore.trust'' file created by the commands above by copying ''client.keystore.trust'' to the ...security directory and renaming it to ''cacerts.''

    Place the server.keystore file in an accessible path (e.g., C:CAsserver.keystore).

  2. Copy (back up) the server.xml file from the Mercury InteractiveQuality Centerjbossserverdefaultdeployjbossweb-tomcat50.sar directory.
    Note:For TestDirector for Quality Center 9.0, the path is MercuryQuality Centerjbossserverdefaultdeployjbossweb-tomcat55.sar

  3. Open the ''server.xml'' file:

    Uncomment the SSL connector, edit the keystoreFile and keystorePass options:

    <!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
    <Connector port=''8443'' address=''${jboss.bind.address}''
    maxThreads=''100'' minSpareThreads=''5'' maxSpareThreads=''15''
    scheme=''https'' secure=''true'' clientAuth=''false''
    keystoreFile=''C:CAsserver.keystore''
    keystorePass=''changeit'' sslProtocol=''TLS'' />

    Comment out the HTTP connector in the server.xml file.

  4. Save the server.xml file, and restart JBoss and QC (e.g., via the Windows Services).

  5. Connect to QC using port 8443.

    Example:
    https://qcmachine:8443/qcbin/

Marked as spam
Posted by (Questions: 6, Answers: 167)
Answered on February 4, 2010 10:48 pm
0
Private answer

#

note: Keytool executable file located under $INSTALL_FOLDER/_jvm/jre/bin

Make a backup copy of the jrelibsecuritycacerts file. Replace this original ''cacerts'' file with the ''client.keystore.trust'' file created by the commands above by copying ''client.keystore.trust'' to the ...security directory and renaming it to ''cacerts.''

Place the server.keystore file in an accessible path (e.g., C:CAsserver.keystore).
#

Copy (back up) the server.xml file from the Mercury InteractiveQuality Centerjbossserverdefaultdeployjbossweb-tomcat50.sar directory. Note:For TestDirector for Quality Center 9.0, the path is MercuryQuality Centerjbossserverdefaultdeployjbossweb-tomcat55.sar
#

Open the ''server.xml'' file:

Uncomment the SSL connector, edit the keystoreFile and keystorePass options:

Comment out the HTTP connector in the server.xml file.
#

Save the server.xml file, and restart JBoss and QC (e.g., via the Windows Services).
#

Connect to QC using port 8443. [herve leger][1]

[1]: http://www.hervelegercp.com

Marked as spam
Posted by (Questions: 0, Answers: 1)
Answered on March 19, 2012 5:56 am