Enabling server security for a Windows service

When the Rational® DOORS® database server is installed, it is registered as a Windows service. By default, secure mode and the server security options are disabled. If you are running the database server from Windows services and want to use server security, you must enable secure mode and server security options.

About this task

The location of the registry keys that store configuration parameters for the Rational DOORS database service depend on the version of your operating system. When you enable server security, you set these configuration parameters:

where BrokerHost is the server name or IP address of the server that is hosting the ActiveMQ broker and BrokerPort is the port for Active MQ broker connections.

Depending on the certificates that you use, you might also need to set these parameters:

Procedure

  1. Stop the Rational DOORS database server.
  2. Edit the properties for the Rational DOORS database server service by using the Windows management console.
  3. In the Start parameters field, enter these parameters:

    -secure ON -serverSecurityBrokerHost BROKER_HOST -serverSecurityBrokerPort 61616

    where
    Switch Example Parameter Description
    -secure ON

    The switch that must be set to on for security to be enabled

    -serverSecurityBrokerHost BROKER_HOST

    The server name or IP address of the server that is hosting the Active MQ broker

    -serverSecurityBrokerPort 61616

    The port number to connect with the ActiveMQ broker

    You can also add these parameters, depending on the certificates that you use:
    Switch Example Parameter Description
    -serverhostname IBMEDSERV

    The name of the DOORS database server as specified by the certificate.

    -certName DBM1

    The certificate name used for secure connections.

    -keyDB C:\path\to\key\db.kdb

    The path of the certificate keystore

  4. In the Properties window, click Start to run the service.
  5. To close the window, click OK.
    Note: If the service is restarted, you must re-enter the start parameters.
    Alternatively, you can set parameter values in these Windows registry keys:
    • serverhostname
    • secure
    • certName
    • keyDB
    Other parameter values must be added to the Start parameters field for the service. These settings do not use registry, but they do have default values:
    • serverSecurityBrokerHost: 127.0.0.1
    • serverSecurityBrokerPort: 61616
    Note: If the ActiveMQ broker is running on the same computer as the Rational DOORS database service and the broker uses the default port, when you start the service, you do not need to provide those settings.

Feedback