Micro Focus Expert
Micro Focus Expert
185 views

(OO) Support Tip : How to install 10.x when using encryption on an MSSQL Database

The process for this is similar to the process for allowing Windows auth vs SQL auth that is documented in the manual.

 

The installer for OO does not currently support these modes natively. The install must be done with SQL auth and without encryption and without requiring ntlmv2. Once the install completes successfully against a generic install it is possible to modify OO to support these other modes.

 

1.  Stop OO.

2.  Configure SQL server for the desired options - In this case encryption,NTLMv2 and Windows auth.

 

Before Modifying any file make a backup -

 

Modify the database.properties file.

The file is located at <OO Install Dir>\Central\conf.

OO uses the JTDS JDBC driver and options/use can be found via Google as it is not OO specific.

 

The line to look for should start with jdbc.url.

Example before the added parameters:

jdbc.url=jdbc\:jtds\:sqlserver\://<FQHN-SQLSERVER>\:<PORT>/<DBNAME>;sendStringParametersAsUnicode\=true

 

Example with the added parameters:

jdbc.url=jdbc\:jtds\:sqlserver\://<FQHN-SQLSERVER>\:<PORT>/<DBNAME>;sendStringParametersAsUnicode\=true;useNTLMv2\=true;ssl\=require

 

Where <> indicates a variable that should be replaced with your values - 1433 is the default port change if needed.

The above line would restrict use to NTLMv2 only and require encryption.

 

3.  Put the public key/cert from the SQL server in the OO keystore.

  

Example:

 "<OO Install Directory>\java\bin\keytool" -import -alias <sqlservername> -file <sqlserver pub cert> -keystore "<OO Install Directory>\Central\var\security\key.store>"

 

when prompted enter the keystore password - "changeit" by default.

 

4. Due to an issue with Java and MS one other step needs to be done for encryption to work correctly.  It is not needed for Windows Auth or NTLMv2 support.

 

Edit/Modify the following file <OO Install Directory>\Central\conf\central_wrapper.conf

Search for the last instance of "wrapper.java.additional"

Add a new line below the last instance of wrapper.java.additonal.## where ## is a number.  Increment the number by one.

 

Example if the last line was this:

wrapper.java.additional.20=-Devents.persistency=false

Add the following:

wrapper.java.additional.21=-Djsse.enableCBCProtection=false

 

5. Restart OO and check wrapper.log to validate the DB is working correctly

Labels (2)
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.