Configuring SSL Communication

You can configure SSL communication between Administrator and the TIBCO ActiveMatrix Registry Runtime UDDI Server.

1. Open a command window in UDDI_HOME/tibcojre/VERSION/bin.
2. Generate a keystore with alias TAMRUS:keytool -genkeypair -alias TAMRUS -keyalg RSA -keystore .keystore -storepass password -dname "CN=YourName, OU=YourName, O=Engineering, L=YourCity, ST=YourState, C=YourCountryCode"
3. In TIBCO_HOME/RuntimeUDDIServer/version/server/conf/server.xml replace:

   <Connector port="58080" protocol="HTTP/1.1" connectionTimeout="20000" />

   with

   Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
   maxThreads="150" scheme="https" secure="true"
   clientAuth="false" sslProtocol="TLS" keystoreFile="./.keystore" keystorePass="password"/>

4. Export the TAMRUS certificate: keytool -exportcert -alias TAMRUS -keystore .keystore -storepass password -file TAMRUS.cert
5. Import the TAMRUS certificate into the Administrator server trust keystore: keytool -importcert -alias TAMRUS -file TAMRUS.cert -keystoreTIBCO_HOME/tibcohost/3.4/templates/admin.default.ssl.trust.store.ts -storepass secret

   $ keytool -importcert -alias TAMRUS -file TAMRUS.cert -keystore TIBCO_HOME/tibcohost/3.4/templates/admin.default.ssl.trust.store.ts -storepass secret
   Owner: CN=YourName, OU=YourName, O=Engineering, L=YourCity, ST=YourState, C=YourCountryCode
   Issuer: CN=YourName, OU=YourName, O=Engineering, L=YourCity, ST=YourState, C=YourCountryCode
   Serial number: 4ba255a3
   Valid from: Thu Mar 18 17:32:35 CET 2010 until: Wed Jun 16 18:32:35 CEST 2010
   Certificate fingerprints:
   MD5: 4D:B0:EE:FC:A2:72:A0:6E:4C:13:BD:8E:F12:90:06
   SHA1: B99:5A:6D:15:53:BA:DC:63:AB:70:89:61:2C:C3:DA:1C:FA:EB:E3
   Signature algorithm name: SHA1withRSA
   Version: 3
   Trust this certificate? [no]: yes
   Certificate was added to keystore

Copyright © Cloud Software Group, Inc. All rights reserved.