Related Tips & Info

How can I import a public key certificate to allow SilkCentral Test Manager to communicate with SSL connection?

MigrationDeletedUser
0 Likes

Problem:

How can I import a public key certificate to allow SilkCentral Test Manager to communicate with SSL connection?

Resolution:

To prepare a web-server for accepting https (SSL) connections, the administrator must create a public key certificate for the web-server. Certificate validation is a very important part of Secure Sockets Layer (SSL) security. In order for the host machine to be able to communicate with the test certificate, this certificate needs to be imported into the application"s "Trusted Certificate Authority".

It is standard procedure that the site administrator creates certificates for each user, which are loaded into their browser. These normally contain the name and e-mail address of the authorized user, and are automatically checked by the server on each reconnect - to verify the user"s identity, potentially without ever entering a password.

If the certificate has not been imported, you may received the following error in SilkCentral Test Manager:

Certificate Error

In order to resolve the above error the user will need to import the required certificate.

On the FrontEnd server machine:

  • Open the browser, let"s say IE, and go to the application"s home URL (e.g. https://hostname/silk)
  • You might see a dialog box warning you about the certificate.
    • Click on "View Certificate" - The certificate detail screen appears.
    • Click on "Install certificate" and complete the subsequent certificate import wizard (store it in "Trusted Root Certification Authorities").
    • The dialog should confirm with a message like "The import was successful".
  • You should now see the certificate by selecting Tools | Internet Options | Content tab | "Certificates" Button. Go to tab "Trusted Root Certification Authorities", select the certificate you have installed before and click "Export".
  • Select "DER encoded binary X.509" and click "next"
  • Choose a location for the storage of the certificate file (e.g. c:\hostname.cer) and complete the Export wizard.
  • Then use the "keytool -import" command to import the file into your JRE"s Certification Authorities keystore: "%SCTMpath%\lib\jre\bin\keytool" -import -alias tomcat -keystore "%SCTMpath%\lib\jre\lib\security\cacerts" -file c:\hostname.cer
  • Type in the keystore password (inital one is "changeit")
  • Confirm the following prompt "Trust this certificate?" with "yes"
  • A message like "Certificate was added to keystore" should now show up.
  • This should now confirm that your private certificate has been added to the application"s keystore as a Trusted Certificate Authority.

You can also import the exported certificate by:

  • Going to %SCTM%\lib\jre\bin and execute javacpl.exe
  • Select tab security and click certificates
  • Click import and select the generated certificate

*Note: you will have to perform the above steps on any client machine that will be accessing SCTM on a remote machine that requires SSL connection.

Old KB# 25156
Comment List
Related
Recommended

Resources

Support
Documentation
Training
CyberRes Academy
Partner Portal
Contact us
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
How To Buy
Careers
Investor Relations
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.