Created On:  14 October 2011

Problem:

Can StarTeam 2009 Web Server use the secure HTTPS protocol, and if so, are there any recommendations on the type of certificate that should be used?

Resolution:

StarTeam Web Server can be used with secure HTTPS protocol as long as there is a valid SSL (Secure Socket Layer) certificate.  The certificate can be a ‘self-signed’ certificate, or a certificate obtained from a recognised Certificate Authority (such as Verisign, or Thawte etc.)

The link Apache Tomcat 6.0 SSL Configuration HOW-TO gives further information on creating a ‘self-signed’ certificate, and how to import a registered certificate from the Certificate Authority. A “Certificate Signing Request” will have to be generated before submitting to the Certificate Authority to receive a SSL certificate to import. While this article refers to Tomcat 6.0 the same principal applies to 5.x

Once a valid SSL certificate is obtained, edit the StarTeam 2009 Web Server/conf/server.xml file in the following way;


1. Edit the /apache-tomcat-5.5.27/conf/server.xml file, and comment out the following xml block to disable the standard http access.


   minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
   redirectPort="8443" acceptCount="100" connectionTimeout="20000"
   disableUploadTimeout="true"/>

2. Un-comment the following xml block to enable https access, and add the ‘keystoreFile’ & ‘keystorePass’attributes. These are only necessary when not using a self-signed certificate


   maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
   enableLookups="false" disableUploadTimeout="true" acceptCount="100"
   scheme="https" secure="true" keystoreFile=""
   keystorePass="" clientAuth="false" sslProtocol="TLS" />;

Start the StarTeam web Server and direct users to https://:8443/BorlandStarTeam.
Incident #2537135