Hi Jeff,
As you have discovered, you can specify the location of the keystores by directing DevTest to look in a specific directory (c:/users/public/....). When you specify the location of the keystores, DevTest generates a VSM such that the LISTEN and, if necessary, Live Invocation steps contain this path. DevTest does not attempt to alter these paths so when the VSM deploys to VSE, the path specified during recording is used during playback. You can double click the LISTEN step in Workstation to see the configuration, but I figure you already know this.
There are several approaches to solve for this, but some of them may or may not be acceptable depending on your organization's security policies regarding keystore governance, sharing password information, etc.
Option A (spin off your scenario above):
- Save the keystore on your VSE server in a directory of your choice
- Edit the recorded VSM's LISTEN and/or Live Invocation Steps and change the location of the keystore from c:/users/public/documents/keystore.jks to the location where you saved the keystore file on the VSE
- Save and deploy your VSM
- NOTE: This approach may be sub-optimal because if you run the VSM in ITR mode, the cert path specified in VSE is most likely different from the cert path used locally. You could set up a local config and VSE config to point to the JKS location and use property {{ }} notation to keep the two in check by executing or deploying with the desired config.
Option B:
- Create a directory in your DevTest installation [LISA_HOME] folder (technically this directory can be any location)
- Copy/paste the keystore files into this directory
- Use DevTest property notation such as {{LISA_HOME))/<yourDirectory>/keystore.jks to specify the location of the keystore in LISTEN and LIVE INVOCATION steps
- This approach ensures that the JKS file is in a location available to both Workstation and VSE regardless of the Operating System and pathing notation
- Also, storing keystores this way may improve automated deployments of Workstation and VSEs as deployment of the keystores could be automated with an installation of DevTest
- Ensure that the keystore is deployed into the LISA_HOME directory for all instances of DevTest VSE and Workstation -- or at least those instances that may edit or use this VSM
- Deploy the VSM
Option C:
- Another option is the use of the Project folder; however, your certs might be used by other services that are not in this project so isolating the JKS at the project level may not provide maximum reusability.
Other techniques are commented on in the DevTest Solutions - 9.0_ENU_20151117.pdf. Look for sections on SSL Properties, SSL Certificates, and Interconnectivity Properties. These options use global properties such as ssl.server.cert.path, ssl.client.cert.path, ws.ssl.client.cert.path, etc. which override the OOTB DevTest key and trust stores. Regardless though, these options require the keystore file be in a path that is accessible to both VSE and Workstation.
Hope this helps some.
Regards,
Joel