Maeve OReilly 270001WE6Q Visits (839)
There was a time when either was fine. And it still is if you are only using DWA (DOORS Web Access). However, if DWA is used to integrate with other browser based applications, this becomes a critical point.
Soumya Y Shanthimohan 270004GAQS Visits (2099)
Attempts to log-in to the Secured web application while recording in IBM Rational Performance Tester (RPT) may led to the message - 'This Connection is Untrusted'.
The message is seen because, RPT acts as a proxy between the browser and the server application to record the data exchange. When a Secured page is recorded using RPT, the RPT proxy certificate is presented to the browser leading to the above message.
Creating and installing a digital certificate will help you get rid of the above message during RPT recording.
The digital certificates feature enables you to run tests against servers that use Secure Sockets Layer (SSL) for applications that require client-side digital certificates to authenticate users.
A digital certificate is a file that binds a public cryptographic key with an identity (a user or an organization). Trusted certificate authorities issue digital certificates, which are then used to authenticate users and organizations for access to websites, email servers, and other secure systems. A certificate store is an archive file that contains almost any number of digital certificates, possibly certificates that are issued from different certificate authorities.
Creating a Digital certificate store
A digital certificate store can be created using the 'keytool' utility.
You will find the keytool utility file in the RPT_
Navigate to the below directory through the command prompt -
Type the following command and press enter
my_certificate is an alias for your certificate in the key store. You may never use it, but every new certificate in your key store must have its own alias.
The certificate generation process will prompt you to enter some information about you. This information will be saved in the certificate. At the end you will have to confirm the entered information.
Once the information is confirmed, you will be prompted to enter the password. Enter the password given in the above command -
At the end you will find the new key store file my_keystore.pfx in your current directory.
Importing a Digital certificate into RPT
Import the certificate into the RPT project before recording.
Click on 'File' > 'Import' > 'General' > 'File system'. Import the required certificates into the project in RPT.
Imported certificates can now be used during RPT recording and playback -
Once you have the certificates in place, you may start recording a test with digital certificates. The below IBM info center link has details on recording a test with digital certificates:
IBM info center link with details on Playing back a test with Digital certificates:
Alex_Moore 1000008GXE Visits (2404)
1. Logon to the Digital Certificate Manager of the iSeries.
2. Create New Certificate Store.
3. *SYSTEM, Continue.
4. No - Do not create a certificate in the certificate store, Continue.
5. Create Certificate store password, OK.
6. Click 'Select a Certificate Store', *SYSTEM, Continue & Continue.
7. On the left side of the screen select 'Create Certificate'.
9. Select 'Local Certificate Authority(CA)', Continue.
11. Select the following Applications to assign the certificate too:
12. Select 'Work with client applications' on the right side of the screen and assign the certificate to the following:
14. Select 'Copy and paste certificate'.
16. Add the newly created .cer to the studio by clicking on 'Window, Preferences, Remote Systems & SSL.
19. You should now be able to establish a SSL connection.
AcdntlPoet 2700019V2G Visits (1449)
While working the front lines in support over the past 16 years of my career, a small handful of issues always seem to crop up as the most requested items when clients call in. One of those items was consistently in depth question on how to setup SSL for any of the products I was supporting. So, of course I'm going to highlight an SSL article when it comes across my plate, as I know how important these types of setups are to you, or clients, with a focus on ensuring your environment's security.
Luckily, John Chewter, Chief Architect for Green Hat Technologies in IBM has written a wonderfully detailed article on developerWorks outlining this process for IBM Rational Integration Tester:
Using SSL within Rational Integration Tester- Overview of key material, the SSL handshake, and its use in Rational Integration Tester transports. Learn how to configure SSL and use the key material in IBM® Rational® Integration Tester to test and virtualize secure services.
Summary: This article explains the various key material types and how they are used within Rational Integration Tester so that it can connect to and test applications secured using SSL. In Part Two we explore how to use the HTTP(S) proxy server to record and re-route secure traffic by using existing key material, or by using the certificate and key that is included in the HTTP proxy server, within the Rational Integration Tester Platform Pack.
Sumant Renukarya 270002B42N Visits (4376)
If there is a need to know the cipher used by CLM applications or RTC and the level of encryption used for web-clients, this blog should be of some help.
Cipher refers to the algorithm used for performing encryption and decryption of the data.
Generally, SSL (Secure Socket Layer) is used for data encryption, decryption and transmission using certificates or smart cards. However, this also depends on the kind of Application server being used. Based on the kind of application server in use, the respective product documentation should have the details on the cipher used.
Websphere Application Server, Apache Tomcat
a. For Internet Explorer, login to RTC and then right click on the web-page --> Properties;
b. For Firefox web-browser, if one hovers and clicks on the padlock symbol prior to URI in the address bar, say before https: //ho
So, if the RTC/CLM installation is based on Websphere Application Server (v7.0), the site supports a minimum cipher strength of 168 bit encryption. This, can be confirmed by looking into the properties for ccm application web-page and the application server documentation.
By default, using the Apache Tomcat application server the site supports a minimum cipher strenght of 128 bit encr
The cipher indicates that the data is encrypted between the Internet browser and the Server. It doesn’t encrypt the data on the database itself.
This is what is behind the HTTPS protocol and is managed by the Application server. RTC is only an application installed on top of Jazz, which is installed on WebSphere.
Here is the link for the WebSphere v 7.0 documentation - About "TLS 1.0, 3DES with 168 bit encryption (High)". This explains SSL Version 3 and TLS Version 1.0 cipher specifications: http