Configuring SSL Communication
You can configure SSL communication between Administrator and the TIBCO ActiveMatrix Registry Runtime UDDI Server.
For further information on configuring SSL in TIBCO ActiveMatrix Registry Runtime UDDI Server, see http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#SSL_and_Tomcat
- Procedure
- Open a command window in UDDI_HOME/tibcojre/VERSION/bin.
- Generate a keystore with alias TAMRUS:keytool -genkeypair -alias TAMRUS -keyalg RSA -keystore .keystore -storepasspassword-dname "CN=YourName, OU=YourName, O=Engineering, L=YourCity, ST=YourState, C=YourCountryCode"
- In
TIBCO_HOME/RuntimeUDDIServer/version/server/conf/server.xml replace:
<Connector port="58080" protocol="HTTP/1.1" connectionTimeout="20000" />
with
Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="./.keystore" keystorePass="password"/>
- Export the TAMRUS certificate: keytool -exportcert -alias TAMRUS -keystore .keystore -storepass password-file TAMRUS.cert
- Import the TAMRUS certificate into the Administrator server trust keystore:
keytool -importcert -alias TAMRUS -file TAMRUS.cert -keystoreTIBCO_HOME/tibcohost/3.4/templates/admin.default.ssl.trust.store.ts -storepass secret
$ keytool -importcert -alias TAMRUS -file TAMRUS.cert -keystore TIBCO_HOME/tibcohost/3.4/templates/admin.default.ssl.trust.store.ts -storepass secret Owner: CN=YourName, OU=YourName, O=Engineering, L=YourCity, ST=YourState, C=YourCountryCode Issuer: CN=YourName, OU=YourName, O=Engineering, L=YourCity, ST=YourState, C=YourCountryCode Serial number: 4ba255a3 Valid from: Thu Mar 18 17:32:35 CET 2010 until: Wed Jun 16 18:32:35 CEST 2010 Certificate fingerprints: MD5: 4D:B0:EE:FC:A2:72:A0:6E:4C:13:BD:8E:F12:90:06 SHA1: B99:5A:6D:15:53:BA:DC:63:AB:70:89:61:2C:C3:DA:1C:FA:EB:E3 Signature algorithm name: SHA1withRSA Version: 3 Trust this certificate? [no]: yes Certificate was added to keystore