To configure the software to use SSL/HTTPS for secure communication, first create a keystore file. This key file contains both public keys stored as signed certificates and private keys stored in personal certificates.
Procedure
- Change the directory to the following:
$CCM_HOME/jre/bin
- Use the standard JDK keytool utility to generate and load a new key and a self-signed certificate.
- To create the key, type the following command:
keytool -genkey -keystore keystore_file -keyalg RSA –alias machinename
- When prompted, supply the certificate and password information. Doing so protects the keystore file and the keys within in the file.
The only mandatory response is to provide the host name from the URL of the IBM® Rational® Change server.
Ensure that the IP address or the host name matches the internal Rational Change IP address or host name. Doing so ensures that the key is issued to the website URL.
For example, if the generated links use 192.123.10.10, then type this value at the first and last name prompt.
keytool -genkey -keystore "/usr/local/rc53/rc.keystore" -alias hawk -keyalg RSA
Enter keystore password: choose a password
What is your first and last name?
[Unknown]: 190.123.10.10
What is the name of your organizational unit?
[Unknown]: Development
What is the name of your organization?
[Unknown]: Rational
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=193.123.10.10, OU=Development, O=Rational, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: yes
Enter key password for
(RETURN if same as keystore password): choose a password