From the JRE_HOME/bin directory, run this command:
keytool -genkey -keystore "$JETTY_HOME/etc/rc.keystore" -alias angler -keyalg RSA
This command requires information about the certificate and passwords to protect both the keystore and the keys within it. You must provide the hostname from the IBM® Rational® Change server URL. By default, Rational Change 5.2 and later is set up to use the IP address of the machine for the hostname in the generated URLs. If the generated links use 192.168.10.10, enter this value at the "first and last name" prompt. Doing so ensures that the key is issued to the URL of the website, which stops browsers from displaying an error message that the key and site name do not match.
For example:
Enter keystore password: choose a password
What is your first and last name?
[Unknown]: 192.168.10.10
What is the name of your organizational unit?
[Unknown]: Development
What is the name of your organization?
[Unknown]: Rational
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=192.168.10.10, OU=Development, O=Rational, L=Unknown,
ST=Unknown, C=Unknown correct?
[no]: yes
Enter key password for
(RETURN if same as keystore password): choose a password
You must use SslSelectChannelConnector instead of SelectChannelConnector in the jetty.xml file.
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.nio.SelectChannelConnector>
<Set name="host"><Property name="jetty.host" /></Set>
<Set name="port"><Property name="jetty.port" default="1111"/></Set>
<Set name="maxIdleTime">300000</Set>
<Set name="Acceptors"></Set>
<Set name="statsOn">false</Set>
<Set name="confidentialPort">8443</Set>
<Set name="lowResourcesConnections">20000</Set>
<Set name="lowResourcesMaxIdleTime">5000</Set>
</New>
</Arg>
</Call>
<New id="sslContextFactory" class="org.eclipse.jetty.http.ssl.SslContextFactory">
<Set name="KeyStore"><Property name="jetty.home" default="." />/etc/keystore</Set>
<Set name="KeyStorePassword">OBF:1xxx1so1x6e1ppp1yu61x2g1z6u1op9</Set>
<Set name="KeyManagerPassword">OBF:1x2u1nnl5z1c5s7g1ggl1u9t</Set>
<Set name="TrustStore"><Property name="jetty.home" default="." />/etc/keystore</Set>
<Set name="TrustStorePassword">OBF:3uus1elo8x3e1kle1gs34x8t1z4u1lp8</Set>
</New>
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<Arg><Ref id="sslContextFactory" /></Arg>
<Set name="Port">8443</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="Acceptors">2</Set>
<Set name="AcceptQueueSize">100</Set>
</New>
</Arg>
</Call>
Ensure that you provide the correct values to the attributes KeyStore, KeyStorePassword, KeyManagerPassword, TrustStore, TrustStorePassword, and Port.
Do not use the property <Property name="jetty.home" default="." />. You must provide the absolute path of JETTY_HOME.
<New id="sslContextFactory" class="org.eclipse.jetty.http.ssl.SslContextFactory">
<Set name="KeyStore"><Property name="jetty.home" default="." />/etc/keystore</Set>
<Set name="KeyStorePassword">OBF:1xxx1so1x6e1ohp1yu61x5g2z6u1op8</Set>
<Set name="KeyManagerPassword">OBF:1x4u1nnl6z1c5t7g1ffl1u9t</Set>
<Set name="TrustStore"><Property name="jetty.home" default="." />/etc/keystore</Set>
<Set name="TrustStorePassword">OBF:3uuk1wlo5x3e4kle1gs35x8t4z4r1lp8</Set>
<Set name="protocol">TLSv1.2</Set>
</New>
Change http to https, and, if necessary, change the port number.
<context-param>
<param-name>protocol</param-name>
<param-value>http</param-value>
</context-param>
<context-param>
<param-name>port</param-name>
<param-value>8600</param-value>
</context-param>
JAVA_OPTIONS="-Djetty.home=$JETTY_HOME -Djetty.log=$JETTY_LOG -Djava.protocol.handler.pkgs=com.ibm.net.ssl.www2.protocol -Xms128m -Xmx512m -server $JAVA_OPTIONS"
<SYNERGY_HOME>\jre\bin\java -cp jetty-util-8.1.3.v20120416.jar org.eclipse.jetty.util.security.Password <password>
The command prints three lines of data. password
OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v
MD5:5f4dcc3b5aa765d61d8327deb882cf99