UCMDB10.10 Java API - how to connect via https

Hi experts,

I'm buildng java sdk client.

Can someone please post an example how to make connection to UCMDB server using https.
API provides UcmdbServiceFactory.initSSL method as well as UcmdbServiceFactory.DefaultTruststoreManger class but from Java API documentation and Hardening Guide it is not clear how to it should work end to end.


Regards

Tags:

  • SSL connection in any Java applications is covered on JVM level.

    Please export certificate from UCMDB server (the process covered in Hardening guide in probe section).

    Import it according to guidelines from http://javacolors.blogspot.com/2012/05/how-to-register-ssl-certificates-in.html Step 2.

  • Followed the instructions from the Hardening Guide sec."Enable Mutual Certificate Authentication for SDK".

     

    In step 2 "Make sure the JRE that runs the UCMDB-API client has a keystore containing a client certificate." generated  selfsigned certificate on my sdk client machine using

    keytool -genkey -alias ucmdb-api -keyalg RCA -keystore <my java client path>\conf\security\keystore.jks

     

    Executed steps 3-7.

     

    In my java sdk client I do:

     

    System.setProperty("javax.net.ssl.keyStore", <my java client path>\conf\security\keystore.jks);
    System.setProperty("javax.net.ssl.keyStorePassword", <MyKeystorePassword>);
    System.setProperty("javax.net.ssl.trustStore", <my java client path>\conf\security\cacerts; ## imported UCMDB certificate into this store in step 6
    System.setProperty("javax.net.ssl.trustStorePassword", <MyTruststorePassword>);


    UcmdbServiceFactory.initSSL();

    UcmdbServiceProvider provider = UcmdbServiceFactory.getServiceProvider
    ("https", <SOME_HOST_NAME>, 8444);

    UcmdbService ucmdbService = provider.connect(provider.createCertificateCredentials(<my java client path>\conf\security\keystore.jks, <MyKeystorePassword>),
    provider.createClientContext("My App"));

     

    The client failed with authentication failure exception.

    Found NullPointerExcception in ucmdb-api log in UCMDB server.

     

    Not sure what should I pass to createCertificateCredentials - keystore of truststore? Tried both - failed. Password authentication works fine.

     

    Any advice please?

    Did anyone get it working?

    Is selfsigned certificates supported?

    Can anyone share code sample?

     

    Tia for your help

  • I'd suggets raising the support case to get educated answer from R&D.