

Use SSL with Multiple Certificates

To configure your local copy of DevTest to communicate securely with multiple servers, add each server's certificate to your local trustStore file.

In this example, we have serverA, serverB, and workstation.

The administrator of serverA exports the serverA certificate using keytool:

serverA> keytool -exportcert -alias lisa -file serverA.cer -keystore serverA.ks

Similarly, the administrator of serverB exports the serverB certificate:

serverB> keytool -exportcert -alias lisa -file serverB.cer -keystore serverB.ks

Acquire a copy of serverA.cer and serverB.cer, and then import them into your client trust store:

workstation> keytool -importcert -alias serverA -file serverA.cer -keystore trustStore.ts
workstation> keytool -importcert -alias serverB -file serverB.cer -keystore trustStore.ts

When prompted, enter your trustStore password so that keytool can modify the file.

Ensure your workstation is using your trustStore, which now contains certificates for both serverA and serverB.

Copy trustStore.ts to LISA_HOME and update local.properties as follows:

lisa.net.trustStore={{LISA_HOME}}trustStore.ts
lisa.net.trustStore.password_enc=33aa310aa4e18c114dacf86a33cee898

When you run DevTest Workstation, you can now select either of these registries:

ssl://serverA:2010/Registry

and

ssl://serverB:2010/Registry

If you try to connect to ssl://serverC:2010/Registry, DevTest refuses the connection because you do not have the required certificate.
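
Every certificate imported into trustStore.ts becomes a server the workstation will trust, so it is worth confirming that each .cer file is the one the server administrator exported before running the import step above. The following script is an added example, not part of the DevTest documentation: it compares the SHA-256 fingerprint reported by keytool -printcert with a value received out of band, and runs the import only on a match. The helper names, the script name, and the sample fingerprint are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: compare a certificate's SHA-256 fingerprint with the value the
# server administrator gave you out of band, and import only on a match.

# Strip colons and whitespace and uppercase the hex so formats compare equal.
normalize_fp() {
    printf '%s' "$1" | tr -d ': \t\n' | tr 'abcdef' 'ABCDEF'
}

# Read `keytool -printcert` text on stdin and print its SHA256 fingerprint.
extract_sha256() {
    sed -n 's/^[[:space:]]*SHA256:[[:space:]]*//p' | head -n 1
}

# Return 0 only if the fingerprint in printcert text $1 equals expected value $2.
fp_matches() {
    actual=$(printf '%s\n' "$1" | extract_sha256)
    [ -n "$actual" ] && [ "$(normalize_fp "$actual")" = "$(normalize_fp "$2")" ]
}

# import_verified ALIAS CERT_FILE EXPECTED_SHA256 (helper name is hypothetical)
import_verified() {
    text=$(keytool -printcert -file "$2") || return 2
    if fp_matches "$text" "$3"; then
        keytool -importcert -alias "$1" -file "$2" -keystore trustStore.ts
    else
        echo "fingerprint mismatch for $2, not importing" >&2
        return 1
    fi
}

# Constructed sample of `keytool -printcert` output (not a real certificate).
sample_printcert() {
    cat <<'EOF'
Owner: CN=serverA
Issuer: CN=serverA
Certificate fingerprints:
     SHA1: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33
     SHA256: 0A:1B:2C:3D:4E:5F:60:71:82:93:A4:B5:C6:D7:E8:F9:0A:1B:2C:3D:4E:5F:60:71:82:93:A4:B5:C6:D7:E8:F9
EOF
}

# Run as: sh verify_import.sh serverA serverA.cer <expected-sha256>
if [ "$#" -eq 3 ]; then
    import_verified "$1" "$2" "$3"
fi
```

After importing, keytool -list -keystore trustStore.ts shows the serverA and serverB aliases so you can confirm that the trust store contains only the entries you expect.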