Using a custom trust store for IBM® DevOps Deploy
You can use a custom trust store in the DevOps Test Hub Deploy plugin file to establish a trusted and secure connection between the IBM® DevOps Deploy (Deploy) server and HCL DevOps Test Hub (Test Hub).
Before you begin
- Saved the Certificate Authority (CA) assigned to
Test Hub.Note: You can contact the administrator of Test Hub if you do not have a copy of the CA.
- Installed Java on the computer from where you access the Test Hub UI.
About this task
If the SSL certificate assigned to Test Hub is signed by an internal Certified Authority (CA), then you must download and import the CA certificate to a custom trust store. You can then use the custom trust store in the Run HCL DevOps Test Hub test process step to establish a trusted and secure connection between the Deploy server and Test Hub.
Procedure
-
Locate the default trust store file (cacerts file) from
the JRE directory.
For example: C:\Program Files\Java\jdk-18.0.1.1\lib\security
- Copy the cacerts file to a location of your choice on your computer.
- Place the CA assigned to Test Hub in the same location where you saved the cacerts file.
-
Run the following command from the command-line interface or terminal to import
the CA of Test Hub to
custom trust store:
keytool -import -trustcacerts -file {path to the downloaded CA with the file extension} -alias {label for the certificate} -keystore {path to the trust store cacerts file}
For example,
keytool -import -trustcacerts -file C:\Users\Desktop\cert\ca-master-hcl.crt -alias "otsca" -keystore C:\Users\Desktop\cert\cacerts
Note: The default password of the trust store is changeit. It remains the same for the custom trust store. If you want to change the password, you can run the following command, and then enter the new password:keytool -storepasswd -keystore {path to the trust store cacerts file}
For example,
keytool -storepasswd -keystore C:\Users\Desktop\cert\cacerts