Importing certificates from the server for secured connections
Starting from HCL OneTest™ UI 9.1.1, you can import certificates from the server to connect to the host machines securely. You can create a CustomizedCAs.p12 / CustomizedCAs.jks keystore through the Extension for Terminal-based Applications that produces the *.p12/JKS file. This file passes the host server's self-signed certificate credentials to the terminal to allow a secure connection.
About this task
Prior to version 9.1.1, you could use SSL to connect to the host machine securely. See Using SSL to connect to host machines.
Procedure
-
Start the Extension for Terminal based Applications by clicking the Launch button in HCL OneTest™ UI.
-
Click
to open the Security Information window.
- Select or type the Host address and Port number.
- Select the type of keystore where the certificate can be saved. Depending on the connection protocol supported by the host, you can choose PKCS12 or JKS.
- Click the Get Certificate(s) button to retrieve the certificates from the host.
- After the certificates are retrieved, click the Save button to save the extracted certificate to the appropriate keystore (CustomizedCAs.p12 or CustomizedCAs.jks).
- Click the Status bar to open the location where the keystore is created with the certificate. This location would be C:\Users\<current user>\Application Data\ibm\RFT\Extension for Terminal-based Applications on a Windows™ machine.
- Copy the .p12 or .jks file to the <IBMIMShared\plugins>\com.ibm.test.terminal_8.5.0.vXXXX folder. This plugin folder also includes the terminal.jar and TerminalTester.jar files.
- Close the Security Information window and restart the Extension for Terminal-based Applications.
- Type the Host address, Port number, and terminal type information and click the Advanced Settings button.
-
Set the properties depending on the type of certificate.
- For CustomizedCAs.p12, you must set the following
properties:.
Property Name Set the value... SSL true SSLTelnetNegotiated true - For CustomizedCAs.jks, you must set the following properties:
Property Name Set the value... sslUseJSSE true sslJSSETrustStore Provide the full path of CustomizedCAs.jsk. For example,
C:\Program Files\IBM\IBMIMShared\plugins\com.ibm.test.terminal_8.5.0.v20170703_0428\CustomizedCAs.jks
sslJSSETrustStorePassword hodpwd tlsProtocolVersion TLSv1.2 Note: If the host supports an older version of the protocol, the application will fall back to the older version.sslJSSETrustStoreType jks SSL true SSLTelnetNegotiated true
Note: You must set SSLTelnetNegotiated to true only when you connect to a Telnet server that supports IETF Internet-Draft TLS-based Telnet Security. The Internet-Draft defines the protocol for performing the SSL Handshake over a Telnet connection. - For CustomizedCAs.p12, you must set the following
properties:.