Issue in enabling SSL in ALM Octane

I configured ssl in LAM Octane installe din RHEL 6.4. 

I can launch ALM url and redirects to https://almoctane.domain.com:8443.

I can log into ALM Octane as well. 

But the issue is my cert is not secured. Its look slike a self signed cert. My cert hs Issued By as servername instaed of "COMPANYCA" the agency or department that issued me a CA cert based on my keystore.jks file.

.jks ile was prepared in a manner that should be and was tested beofre sending this jks file to CA team. 

Would someone please guide me where Im missing what steps?

CA.png

  • Any clue about below message?

    2019-05-29 13:55:14.380:WARN:oejusS.config:WrapperSimpleAppMain: No Client EndPointIdentificationAlgorithm configured for SslContextFactory@360ade0a[provider=null,keyStore=file:///opt/octane/conf/keystore.jks,trustStore=file:///opt/octane/conf/keystore.jks]

  • Issue is resolved. 

    This was an issue with the certification issuing process in my Org. 

    Issues:

    1. The SSL con file had the keystore calls listed in an entity 1st format vs root 1st format
    2. The Root Chain is not being displayed, this was by design and due to digital guardian.

    Solution:

    1. Pasted Keychain of each certs(Domain cert, intermediate cert, and root cert) in a notepad and saved a notepad with .cer file extension. NOte: usually, cert import is done in most of org in following order, Root, Intermediate and Domain cert. But its opposite in my Org.
    2. Then in Keeytool location, I ran below command:
    3. keytool -import -alias newcert -file <newcert.cer> -keystore <keystorefile.jks>
    4. copied <keystorefile.jks> file to keystore.jks file and moved keystore file to /opt/octane/conf directory
    5. Changed permission of file to 777
    6. Change ownership of file to root:octane
    7. ran enabless.sh file
    8. Upated keystore file location in /opt/octane/server/conf/jetty-ssl-context.xml file
    9. stoped Octane service
    10. Started Octane service
    11. Checked log > looked good.
    12. Test https url in browser > worked as expected.