Use bfclient.conf to configure SSL connections for an API
client written in Perl or Java.
About this task
To make an SSL connection with an API client program, set
up bfclient.conf. This file contains the SSL configuration properties.
To simplify this procedure, the steps below assume you run your client
in the client directory mentioned in the first step.
- Create a client directory where you are going to run the
script.
Windows: mkdir c:\client
UNIX
or Linux: mkdir /temp/client
- Copy bfclient.conf to the client directory.
Windows: copy
c:\BuildForge\bfclient.conf c:\client
UNIX or Linux: cp
/opt/BuildForge/Platform/bfclient.conf /temp/client
- Create a keystore subdirectory in the client directory.
Windows: mkdir c:\client\keystore
UNIX
or Linux: mkdir /temp/client/keystore
- Copy the keystores from the BuildForge installation into
the client keystore directory.
Windows: copy
\BuildForge\keystore\*.pem \client\keystore
UNIX
or Linux: cp /opt/BuildForge/Platform/keystore/*.pem /temp/client/keystore
- For Perl, set the following OS environment variable so
that the bfclient.conf location is found.
Windows: set
BFCLIENT_CONF=c:\client\bfclient.conf
UNIX or Linux: export
BFCLIENT_CONF="/temp/client/bfclient.conf"
- For Java, complete these steps:
- Use SecureAPIClientConnection instead
of APIClientConnection in your code to make
an SSL connection using bfclient.conf.
- Set the following System property on the Java command
line when running your script.
Windows: -Dcom.buildforge.client.config=c:\client\bfclient.conf
UNIX
or Linux: -Dcom.buildforge.client.config=/temp/client/bfclient.conf
- Edit bfclient.conf and check the following properties:
- bf_services_preferred_protocol=ssl
Make sure the value is ssl
instead of tcp.
- bf_services_ssl_port=49150
Make sure 49150 is your Services
Layer SSL port.
- bf_keystore_location=./keystore/buildForgeKey.pem
There are
several keystore locations. If you run your script in a directory
other than the client directory, change each keystore location to
use a fully qualified path.
- If you want to be sure that your script is using bfclient.conf
correctly, set the following debug property in your environment. When
you run your script, you should see more output about the SSL connection
properties.
Windows: set BFDEBUG_SECURITY=1
UNIX
or Linux: export BFDEBUG_SECURITY=1