Using your own truststore for server SSL connections

The server by default provides a truststore but you might want to use your own truststore for server SSL connections.

About this task

If you want to use your own truststore, you must take the following steps.

Procedure

  1. Change the server configuration file to use your own certificate keystore.
    1. Open <HCL Quality Server installation directory>\usr\servers\defaultServer\server.custom.xml in an editor.
    2. Inside server.custom.xml uncomment the keystore element and then add the details of your certificate keystore.
      <keystore id="defaultKeyStore" password="<password>" location="<keystore path>"/>
    3. If you generate the keystore by using the securityUtility tool, you can directly copy the values from the tool output and add the location attribute. For more information, see Liberty: Keystores in the WebSphere® Application Server Liberty base documentation.
  2. Change the HTTP/TCP proxy (registration.xml) to replace the ssl element with the commented out ssl element and update its attributes. For details, see Modifying the configuration settings of the HTTP/TCP proxy.
  3. Change the HCL OneTest API Agent (Agent.config) to replace the ssl element with the commented out ssl element and update its attributes. For details, see Registering HCL OneTest API Agent with HCL Quality Server.
  4. Restart the services (server, HCL OneTest API Agent, HTTP/TCP proxy). Follow each of the referenced topics for details about restarting each service.
  5. Configure the other intercept technologies, such as the Java Virtualization or SIBus tooling that communicate with the server to use your certificate. The certificate must be added to the hosting Java application, for example, WebSphere Application Server, by using techniques that are appropriate for that technology.
  6. Change the project's server URL to reference the new HCL Quality Server server. For details see Project settings.