Using a custom trust store

You can use a custom trust store in the HCL OneTest Server UCD plug-in file to establish a trusted and secure connection between the UCD server and HCL OneTest Server.

Before you begin

You must have completed the following tasks:
  • Saved the Certificate Authority (CA) assigned to HCL OneTest Server.
    Note: You can contact the administrator of HCL OneTest Server if you do not have a copy of the CA.
  • Installed Java on the computer from where you access the HCL OneTest Server UI.

About this task

If the SSL certificate assigned to HCL OneTest Server is signed by an internal Certified Authority (CA), then you must download and import the CA certificate to a custom trust store. You can then use the custom trust store in the HCL OneTest Server test process step to establish a trusted and secure connection between the UCD server and HCL OneTest Server.

Note: If the internal CA certificate is already imported to the default trust store that is used by the UCD server, you need not use a custom trust store.

Procedure

  1. Locate the default trust store file (cacerts file) from the JRE directory.
    For example: C:\Program Files\Java\jdk-18.0.1.1\lib\security
  2. Copy the cacerts file to a location of your choice on your computer.
  3. Place the CA assigned to HCL OneTest Server in the same location where you saved the cacerts file.
  4. Run the following command from the command-line interface or terminal to import the CA of HCL OneTest Server to custom trust store:
    keytool -import -trustcacerts -file {path to the downloaded CA with the file extension} -alias {label for the certificate} -keystore {path to the trust store cacerts file}

    For example,

    keytool -import -trustcacerts -file C:\Users\Desktop\cert\ca-master-hcl.crt -alias "otsca" -keystore C:\Users\Desktop\cert\cacerts

    Note: The default password of the trust store is changeit. It remains the same for the custom trust store. If you want to change the password, you can run the following command, and then enter the new password:
    keytool -storepasswd -keystore {path to the trust store cacerts file}

    For example, keytool -storepasswd -keystore C:\Users\Desktop\cert\cacerts

Results

You have successfully imported the downloaded CA to the custom trust store.

What to do next

You can then run the tests that are available in your HCL OneTest Server project from the UCD server.