AnsweredAssumed Answered

Help on implementing one-way SSL

Question asked by Konfu on Jul 11, 2017
Latest reply on Aug 16, 2017 by Maddy007

One of our projects requested for a virtual service which is SSL-enabled.
Their front end (client) needs to talk SSL with the virtual service (server).

 

Since we are not allowed to use the DevTest internal certificate (in webreckey.ks), we have received one from the company itself. It contains a certificate chain (in .crt format) together with the private key (.key)

 

Reading through the DevTest documentation and from the community, this would require that I (server) need to provide the server certificate to the client, and that they need to add it in their truststore. (Please correct me if I'm wrong)

 

But on my side, I'm not sure to add what and where:

  • Can i use the DevTest default keystore webreckey.ks to import my certificate?
  • If yes, what do I actually need to put in their? I tried to import the whole chain, but it isnt working. I have tried it with Portecle.
  • Does it only need the server certificate itself with the private key?
  • Do I need to add something in the truststore?
  • If yes, can i use the DevTest default truststore cacerts?
  • If I cannot add the default keystore and truststore, are there any properties that i need to modify on the DevTest servers (Registry server, VSE server) or can I load this directly in the virtual service when creating via the wizard?

 

PS: I already checked the nice post https://communities.ca.com/docs/DOC-231172116-of-ssl-java-and-devtest, but I still require help on actually implementing it.

Outcomes