NEW_ALM12 Outstanding Contributor.
Outstanding Contributor.
143 views

Issue in enabling SSL in ALM Octane

I configured ssl in LAM Octane installe din RHEL 6.4. 

I can launch ALM url and redirects to https://almoctane.domain.com:8443.

I can log into ALM Octane as well. 

But the issue is my cert is not secured. Its look slike a self signed cert. My cert hs Issued By as servername instaed of "COMPANYCA" the agency or department that issued me a CA cert based on my keystore.jks file.

.jks ile was prepared in a manner that should be and was tested beofre sending this jks file to CA team. 

Would someone please guide me where Im missing what steps?

CA.png

0 Likes
2 Replies
NEW_ALM12 Outstanding Contributor.
Outstanding Contributor.

Re: Issue in enabling SSL in ALM Octane

Any clue about below message?

2019-05-29 13:55:14.380:WARN:oejusS.config:WrapperSimpleAppMain: No Client EndPointIdentificationAlgorithm configured for SslContextFactory@360ade0a[provider=null,keyStore=file:///opt/octane/conf/keystore.jks,trustStore=file:///opt/octane/conf/keystore.jks]

0 Likes
NEW_ALM12 Outstanding Contributor.
Outstanding Contributor.

Re: Issue in enabling SSL in ALM Octane

Issue is resolved. 

This was an issue with the certification issuing process in my Org. 

Issues:

  1. The SSL con file had the keystore calls listed in an entity 1st format vs root 1st format
  2. The Root Chain is not being displayed, this was by design and due to digital guardian.

Solution:

  1. Pasted Keychain of each certs(Domain cert, intermediate cert, and root cert) in a notepad and saved a notepad with .cer file extension. NOte: usually, cert import is done in most of org in following order, Root, Intermediate and Domain cert. But its opposite in my Org.
  2. Then in Keeytool location, I ran below command:
  3. keytool -import -alias newcert -file <newcert.cer> -keystore <keystorefile.jks>
  4. copied <keystorefile.jks> file to keystore.jks file and moved keystore file to /opt/octane/conf directory
  5. Changed permission of file to 777
  6. Change ownership of file to root:octane
  7. ran enabless.sh file
  8. Upated keystore file location in /opt/octane/server/conf/jetty-ssl-context.xml file
  9. stoped Octane service
  10. Started Octane service
  11. Checked log > looked good.
  12. Test https url in browser > worked as expected.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.