Use a Certificate from a Third-Party Certificate Authority

CA TDM Portal supports third-party security certificates for HTTPS web access. Use your own resources to obtain a trusted TLS certificate from the Certificate Authority of your choice.
tdm49
CA TDM Portal supports third-party security certificates for HTTPS web access. Use your own resources to obtain a trusted TLS certificate from the Certificate Authority of your choice.
The use of third-party security certificates requires the use of third-party tools. The set-up process also requires manual changes to the application.properties file available at
C:\Program Files\CA\CA Test Data Manager Portal\conf
by default. Before you begin, become familiar with the basic concepts of security certificates and keystores and the keytool utility provided with the Java JDK.
Implementing third-party security certificates requires updating values for three parameters in the application.properties file:
  • "tdmweb.keystorePath"
    Default: The keystore path for the self-signed certificate. For example: install_dir/conf/.keystore
  • "tdmweb.keystore.Password"
    Default: {cry}7i6EOsWzUxSm+tnSov-7cbTZs2TE0uAuXRxl4G+cG6O5Wn3aM8gz
  • "tdmweb.keyAlias"
    Default: Test Data Manager.
    To use a key alias that duplicates an existing alias, remove the existing alias before adding a new instance.
Follow these steps:
  1. Decide on a certificate password and obtain a security certificate from a Certification Authority.
  2. Using the instructions provided by the Certification Authority, import the certificate into a keystore. 
    Generally you use a command similar to keytool - import - alias 
    myalias 
    - file certfile - keystore  "path_and_file_specification_for_keystore".
    Make sure that the private key of the obtained certificate is also available in the specified keystore.
  3. For the keystore password, enter the certificate password decided earlier in Step 1.
  4. Obtain an encrypted version of the keystore password.
    1. Navigate to 
      install_dir\service\bin
      .
    2. Run the encryption utility and supply the password to encrypt as argument.
      EncryptionUtil.bat -p
      passwordtoencrypt
    3. Save the encrypted value returned for entry in the properties file.
  5. Stop the CA Test Data Manager Portal service.
  6. Back up and edit the application.properties file to add or update the following:
    1. tdmweb.keystorePath to the location of the keystore using the fully qualified path and file name for the keystore file.
    2. tdmweb.keystorePassword with the encrypted keystore password (do not surround encrypted password value with quotes)
    3. tdmweb.keyAlias to the alias used to reference the certificate in the keystore (myalias in the examples).
  7. Start the CA Test Data Manager Portal service.