Micro Focus Expert
Micro Focus Expert
70 views

(OO) Support Tip: Does the OO installer allow MSSQL to use advanced ?

The OO installer does not allow advanced options.  For instance Windows Authentication, NTLM version, and SSL/Encryption.

However there is a workaround.  Install OO without using the advanced MSSQL options and configure MSSQL so it does not need those advanced options.  Once OO is installed changes can be made to OO and MSSQL to use those advanced features.  The process for allowing Windows Authentication is described in the manual.  Using a similar process NTLM version and SSL/Encryption can also be enabled.

Assumed state at the start of this process is OO successfully installed and MSSQL configured for SQL based logins or Mixed Mode authentication.

1. Stop OO.
2. Configure SQL server for the desired options - In this example encryption,NTLMv2 and Windows auth.

Before Modifying any file make a backup -

Modify the database.properties file.
The file is located at <OO Install Dir>\Central\conf.
OO uses the JTDS JDBC driver and options/use can be found via Google as it is not OO specific.

The line to look for should start with jdbc.url.
Example before the added parameters:
jdbc.url=jdbc\:jtds\:sqlserver\://<FQHN-SQLSERVER>\:<PORT>/<DBNAME>;sendStringParametersAsUnicode\=true

Example with the added parameters:
jdbc.url=jdbc\:jtds\:sqlserver\://<FQHN-SQLSERVER>\:<PORT>/<DBNAME>;sendStringParametersAsUnicode\=true;useNTLMv2\=true;ssl\=require

Where <> indicates a variable that should be replaced with your values - 1433 is the default port change if needed.
The above line would restrict use to NTLMv2 only and require encryption.  Only add the options which are setup in MSSQL/OS and required - the others can be left out if not needed.

3. Put the public key/cert from the MSSQL server in the OO keystore.

Example:
"<OO Install Directory>\java\bin\keytool" -import -alias <sqlservername> -file <sqlserver pub cert> -keystore "<OO Install Directory>\Central\var\security\key.store>"

when prompted enter the keystore password - "changeit" by default.

4. Due to an issue with Java and MS one other step needs to be done for encryption to work correctly. It is not needed for Windows Auth or NTLMv2 support.

Edit/Modify the following file <OO Install Directory>\Central\conf\central_wrapper.conf
Search for the last instance of "wrapper.java.additional"
Add a new line below the last instance of wrapper.java.additonal.## where ## is a number. Increment the number by one.

Example if the last line was this:
wrapper.java.additional.20=-Devents.persistency=false
Add the following:
wrapper.java.additional.21=-Djsse.enableCBCProtection=false

5. Restart OO and check wrapper.log to validate the DB is working correctly

 

This article currently applies for 10.x- 10.50.  It may also apply to newer versions .

The Knowledge base article can be found at :

 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01762610

 

 

 

Labels (2)
0 Likes
1 Reply
Micro Focus Expert
Micro Focus Expert

Re: (OO) Support Tip: Does the OO installer allow MSSQL to use advanced ?

Small correction - This is valid for 10.x - 10.2x.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.