Create and Implement a Self-Signed Certificate

You can replace the self-signed certificate that comes with CA TDM Portal. The predefined certificate is configured in the application.properties file. When you create your own self-signed certificate, update this properties file and restart the CA Test Data Manager Portal service.
Before you create your own certificate, plan values for the keystore path and key alias. You enter these values when you run the keytool and when you update the properties file.
You use the following files and utilities to implement your self-signed certificates:
  • keytool utility
    For details about this Java utility, browse for keytool - Key and Certificate Management Tool.
  • EncryptionUtil.bat
  • application.properties file, specifically, the following three parameters:
    • tdmweb.keystorePath=
      Default: 
      Self-signed certificate key store path.
      For example, install_dir\conf\.keystore.
    • tdmweb.keystorePassword=
      Default: {cry}7i6EOsWzUxSm+tnSov-7cbTZs2TE0uAuXRxl4G+cG6O5Wn3aM8gz.
      Run the EncryptionUtil.bat file and enter the keystore password. The batch program generates the encrypted password on the console, which you specify here as the new value.
    • tdmweb.keyAlias=
      Default: Test Data Manager
Follow these steps:
  1. Using administrator credentials, log in to the host where TDM Portal is installed.
  2. Stop the CA Test Data Manager Portal service.
  3. If you plan to reuse the current alias name for the key, remove this alias before continuing.
  4. Run the following command to generate a key pair with the Java keytool. Specify your own values for aliasname and for keystore_name. If you do not enter a path for the keystore, the current path is used.
    keytool -genkey -alias "aliasname" -keyalg RSA -keystore "keystore_path\.keystore"
    For example, accept the default keystore path and enter:
    keytool -genkey -alias "Test Data Manager" -keyalg RSA
    A prompt to enter and confirm a password for the keystore appears.
  5. Enter the same keystore password in response to both prompts. (Remember this password for later entry into an encryption utility.)
  6. Respond to prompts with the requested distinguished name information as follows:
    1. Enter your first and last name.
    2. Enter the name of your organizational unit.
    3. Enter your organization name.
    4. Enter the name of your city or locality.
    5. Enter the name of your state or province.
    6. Enter the two-letter country code for your organizational unit.
    A confirmation of your entries appears in the format, Is CN=value, OU=value, O=value, L=value, ST=value, C=value correct?
  7. Review the entries and if correct, enter yes. (If incorrect, enter no and respond to the prompts again.)
  8. A prompt for the key password for aliasname appears. Press Enter to use the keystore password as the alias password.
    A new keystore is created in the current directory.
  9. (Optional) Move this keystore to another path.
  10. Encrypt the keystore password you entered in Step 5.
    1. Change directories to the install_dir\service\bin directory.
    2. Run EncryptionUtil.bat
    3. Enter the keystore password in response to the prompt.
    The utility encrypts the entered keystore password and displays the result on the console.
  11. Back up the application.properties file (install_dir\conf\application.properties).
  12. Update the application.properties file as follows:
    1. For tdmweb.keystorePath=, enter the absolute path to the keystore, using "/" rather than "\", for example, C:/keystore_path/keystore.
    2. For tdmweb.keystorePassword=, copy and paste the encrypted keystore password generated in Step 9.
    3. For tdmweb.keyAlias=, enter the alias name specified in the keytool command in Step 4.
  13. Start the CA Test Data Manager Portal service.
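
A check you can run on the edited application.properties before starting the service, added here as an example (it is not part of the product or its documentation). It assumes the output of EncryptionUtil.bat carries the same {cry} prefix as the default value shown above; the function names and sample values are constructed for illustration.

```python
import re

REQUIRED = ("tdmweb.keystorePath", "tdmweb.keystorePassword", "tdmweb.keyAlias")

def parse_properties(text):
    """Minimal key=value reader: skips comments, no line-continuation support."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def check_keystore_settings(text, expected_alias):
    """Return a list of problems found in the three tdmweb.* keystore settings."""
    props = parse_properties(text)
    problems = [f"{k} is missing or empty" for k in REQUIRED if not props.get(k)]
    path = props.get("tdmweb.keystorePath", "")
    if "\\" in path:
        # Backslash is an escape character in Java .properties files.
        problems.append("keystorePath contains '\\'; use '/' instead")
    elif path and not re.match(r"^([A-Za-z]:)?/", path):
        problems.append("keystorePath is not an absolute path")
    password = props.get("tdmweb.keystorePassword", "")
    # Assumption: encrypted values start with {cry}, as the shipped default does.
    if password and not password.startswith("{cry}"):
        problems.append("keystorePassword does not look encrypted (no {cry} prefix)")
    alias = props.get("tdmweb.keyAlias", "")
    if alias and alias != expected_alias:
        problems.append(f"keyAlias {alias!r} differs from keytool alias {expected_alias!r}")
    return problems

# Constructed sample inputs (not real configuration or real encrypted values).
GOOD = """\
tdmweb.keystorePath=C:/certs/.keystore
tdmweb.keystorePassword = {cry}CONSTRUCTED-PLACEHOLDER
tdmweb.keyAlias = Test Data Manager
"""
BAD = """\
tdmweb.keystorePath=C:\\certs\\.keystore
tdmweb.keystorePassword=changeit
tdmweb.keyAlias=tdm
"""

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_keystore_settings(sample, "Test Data Manager") or "ok")
```

An empty result means the three settings are consistent with the procedure; a plaintext password or a mismatched alias is reported before the service is restarted.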