I
ssue/Introduction:How to enable HTTPS and SSL between DevTest Components Using Your Own Keystore
Environment:All supported releases and platforms of DevTest.
Resolution:The keystore will need to have the entire needed certificate chain (root, intermediate, server).Put the keystore in the DEVTEST_HOME folder of where each component is running.
Update these properties files and restart DevTest Components:
iam.properties file of where Identity Access Manager (IAM) is running: By default IAM is https enabled.iam.keystore=${IAM_HOME}certs/<your keystore here>
iam.keystore.password=<your keystore password, it gets stored in vault after IAM is started>
iam.truststore=${IAM_HOME}certs/<your trustore here, normally your keystore>
iam.truststore.password=<your trustore password, it gets stored in vault after IAM is started>
dradis.properties file of where your Enterprise Dashboard is running:dradis.webserver.https.enabled=true
dradis.webserver.ssl.keystore.location=${DRADIS_HOME}YOURKEYSTORE
dradis.webserver.ssl.keystore.password=(your keystore password)
dradis.webserver.ssl.keymanager.password=(your keymanager password)
site.properties file of where Registry is running: (this can also be defined in the local properties)devtest.enterprisedashboard.https.enabled=true
phoenix.properties of where Portal is running:registry.https.enabled=true
phoenix.https.enabled=true
phoenix.ssl.keystore=${LISA_HOME}/(your keystore)
phoenix.ssl.keystore.password=(your keystore password)
phoenix.ssl.keymanager.password=(your keymanager password)
local.properties file of where each DevTest component is installed in case distributed: lisa.net.keyStore={{LISA_HOME}}/(your keystore)
lisa.net.keyStore.password={{LISA_HOME}}/(your keystore)
lisa.net.trustStore={{LISA_HOME}}/(your keystore)
lisa.net.trustStore.password={{LISA_HOME}}/(your keystore)
lisa.net.default.protocol=ssl
lisa.webserver.https.enabled=true
lisa.webserver.ssl.keystore.location={{LISA_HOME}}/(your keystore)
lisa.webserver.ssl.keystore.password=(your keystore password)
lisa.webserver.ssl.keymanager.password=(your keymanager password)
lisa.portal.url.prefix=https://
vscatalog.vmoptions (if running as a server) or vscatalogService.vmoptions (if running as a service) of where the VS Catalog is running:-Dsvcatalog.auth.host.url=https://IAM_MACHINE:51111/auth <=== where your IAM is running
-Dserver.ssl.key-store=file:///C:/DevTest10.6.0/VSCatalog/YOURKEYSTORE <=== fully qualified path to where your keystore is)
-Dserver.ssl.key-password=YOURKEYSTOREPASWD <=== password of keystore (note it will not get encrypted)
-Dserver.ssl.key-alias=KEYSTOREALIASNAMEOFYOURKEYPAIR <=== make sure the alias name has no spaces
-Dserver.ssl.key-store-provider=SUN
-Dserver.ssl.key-store-type=JKS
-Dlisa.webserver.https.enabled=true
Note: When starting SSL enabled Broker service , if you face any SSL issues, please see the document link below
https://knowledge.broadcom.com/external/article?articleId=205742This is also a KB article:
https://knowledge.broadcom.com/external/article?articleId=109006------------------------------
Technical Support Engineer III
Broadcom, Inc
------------------------------