Service Virtualization

Implement Your Own Keystore with DevTest IAM and VS Catalog

  • 1.  Implement Your Own Keystore with DevTest IAM and VS Catalog

    Broadcom Employee
    Posted 27 days ago

    How to implement your own keystore with DevTest IAM and VS Catalog

    N/A

    DevTest 10.5.0 and later.

    Configuring using a Certificate Authority (CA) keystore with IAM:

    1. Copy your keystore to the /IdentityAccessManager/certs folder
    2. Update /IdentityAccessManager/iam.properties file with your keystore information.


    Configuring using a Certificate Authority (CA) keystore with VS Catalog:

    1. Will use the same keystore as used with IAM
    2. Edit /bin/vscatalog.vmoptions
    3. Add these lines:

    -Dserver.ssl.key-store=<fully qualified path to keystore>
    -Dserver.ssl.key-password=<keystore password> 
    -Dserver.ssl.key-store-type=JKS 
    -Dserver.ssl.key-alias=<alias of the certificate>

    Restart both IAM and VS Catalog.

    Bring up Browser and enter URL https://<hostname>:51111 for IAM.

    Bring up Browser and enter URL https://<hostname>:51110 for VS Catalog. 

    Not Secure will be resolved because it is finding the certificate issued by a valid CA.

    NOTE:

    Have noticed with Firefox, that the certificate chain is not automatically pulled into the browser, so the root and intermediate certificates had to be manually imported into the Firefox. Chrome and IE work without having to do this.

    How to implement your own keystore with DevTest IAM and VS Catalog

    N/A

    DevTest 10.5.0 and later.

    Configuring using a Certificate Authority (CA) keystore with IAM:

    1. Copy your keystore to the /IdentityAccessManager/certs folder
    2. Update /IdentityAccessManager/iam.properties file with your keystore information.


    Configuring using a Certificate Authority (CA) keystore with VS Catalog:

    1. Will use the same keystore as used with IAM
    2. Edit /bin/vscatalog.vmoptions
    3. Add these lines:

    -Dserver.ssl.key-store=<fully qualified path to keystore>
    -Dserver.ssl.key-password=<keystore password> 
    -Dserver.ssl.key-store-type=JKS 
    -Dserver.ssl.key-alias=<alias of the certificate>

    Restart both IAM and VS Catalog.

    Bring up Browser and enter URL https://<hostname>:51111 for IAM.

    Bring up Browser and enter URL https://<hostname>:51110 for VS Catalog. 

    Not Secure will be resolved because it is finding the certificate issued by a valid CA.

    NOTE:

    Have noticed with Firefox, that the certificate chain is not automatically pulled into the browser, so the root and intermediate certificates had to be manually imported into the Firefox. Chrome and IE work without having to do this.

    How to implement your own keystore with DevTest IAM and VS Catalog

    N/A

    DevTest 10.5.0 and later.

    Configuring using a Certificate Authority (CA) keystore with IAM:

    1. Copy your keystore to the DEVTESt_HOME/IdentityAccessManager/certs folder
    2. Update DEVTEST_HOME/IdentityAccessManager/iam.properties file with your keystore information.


    Configuring using a Certificate Authority (CA) keystore with VS Catalog:

    1. Will use the same keystore as used with IAM
    2. Edit /bin/vscatalog.vmoptions
    3. Add these lines:

    -Dserver.ssl.key-store=<fully qualified path to keystore>
    -Dserver.ssl.key-password=<keystore password> 
    -Dserver.ssl.key-store-type=JKS 
    -Dserver.ssl.key-alias=<alias of the certificate>

    Restart both IAM and VS Catalog.

    Bring up Browser and enter URL https://<hostname>:51111 for IAM.

    Bring up Browser and enter URL https://<hostname>:51110 for VS Catalog. 

    Not Secure will be resolved because it is finding the certificate issued by a valid CA.

    NOTE:

    Have noticed with Firefox, that the certificate chain is not automatically pulled into the browser, so the root and intermediate certificates had to be manually imported into the Firefox. Chrome and IE work without having to do this.



    ------------------------------
    Technical Support Engineer III
    Broadcom, Inc
    ------------------------------