Friday, August 5, 2011

Quality Center SSL

How to configure Quality Center using JBoss to work with HTTPS

  • After installing QC with JBoss as an application server and Web server, use the following instructions to create the corresponding keystore file and place the files on the server:

    • Navigate to the Java home directory via the Command Prompt.

      Note:
      Default locations:
      TestDirector for Quality Center 8.2: C:\Program Files\Mercury Interactive\Quality Center\_jvm.
      TestDirector for Quality Center 9.0, and 9.2 : C\:Program Files\Mercury\Quality Center\java.
      TestDirector for Quality Center 10.00: C:\Program Files\HP\Quality Center\java.
    • Run the following commands. Make sure to replace "<server machine name>" with the name of the QC server:

      set SERVER_DN="CN=<server machine name>, OU=X, O=Y, L=Z, S=XY, C=YZ"
      set CLIENT_DN="CN=Client, OU=X, O=Y, L=Z, S=XY, C=YZ"
      set KSDEFAULTS=-storepass changeit
      set KEYINFO=-keyalg RSA
      keytool -genkey -alias tomcat -dname %SERVER_DN% %KSDEFAULTS% -keystore server.keystore %KEYINFO% -keypass changeit
      keytool -export -alias tomcat -file temp_server.cer %KSDEFAULTS% -keystore server.keystore
      keytool -import -v -trustcacerts -alias tomcat -file temp_server.cer %KSDEFAULTS% - keystore client.keystore.trust -keypass changeit
    • Make a backup copy of the <Java Home Directory>\jre\lib\security\cacerts file. Replace this original "cacerts" file with the "client.keystore.trust" file created by the commands above by copying "client.keystore.trust" to the ...security directory and renaming it to "cacerts." As a note, the "client.keystore.trust" file is created on the location that the above commands were excuted.
    • Place the server.keystore file in an accessible path (e.g., C:\CAs\server.keystore).
  • Copy (back up) the server.xml file from the C:\Program Files\Mercury Interactive\Quality Center\jboss\server\default\deploy\jbossweb-tomcat50.sar directory.

    Note:
    For TestDirector for Quality Center 9.0, and 9.2, the path is C:\Program Files\Mercury\Quality Center\jboss\server\default\deploy\jbossweb-tomcat55.sar
    For TestDirector for Quality Center 10.00, the path is C:\Program Files\HP\Quality Center\jboss\server\default\deploy\jbossweb-tomcat55.sar
  • Open the "server.xml" file:
    • Uncomment the SSL connector, edit the keystoreFile and keystorePass options:

      <!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
      <Connector port="8081" address="${jboss.bind.address}"
      maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
      scheme="https" secure="true" clientAuth="false"
      keystoreFile="C:\CAs\server.keystore"
      keystorePass="changeit" sslProtocol="TLS" />
    • Comment out the HTTP connector in the server.xml file.
  • Save the server.xml file, and restart JBoss and QC (e.g., via the Windows Services).
  • Connect to QC using port 8081.

 

Posted by at
Labels:

1 comment:

  1. Ch Ahmad Bilal KhalidApril 10, 2013 at 5:03 AM

    i have tried it many times, but its not working for me.

    for me i can not access the sever through alias, so i even tried to put in ipaddress instead of server name.

    for me, it only works with http protocol even after the ssl by using your idea is deployed

    ReplyDelete

Subscribe to: Post Comments (Atom)