It's all about the answers!

Ask a question

how do i avoid being blocked for having a self-signed certificate for the tools?


A S (588) | asked Aug 07 '17, 4:57 p.m.

I have 5 servers (VMs) for CLM 6.02 (RTC, RQM; DCC; DOORS NG; SQL; JTS).  They are all in the dev environment so we created self-signed certs.  This worked fine with just a warning when using the current browsers.  Then last month we decided that we should connect the tools (Requirements to Stories to Defects).  We suddenly found we could not - not trusted connection!!  Any way to get past this?  Does RTC/JTS not allow one to do it?


Second part - if we do get regular certs, how do we let the tools know?  I have done this many years ago with CQ, but don't remember.

Accepted answer


permanent link
Donald Nong (14.3k213) | answered Aug 08 '17, 1:00 a.m.

It's not RTC/JTS who takes care of the secure connections - it's the application server (Liberty I assume in this case). Self-signed certificate is usually not trusted, so you need to do something to allow the secure connection to be established. Put it simply, you can do the "Setup SSL Handshake between the Liberty profiles and IHS" step in the below article - you need to import certificates from all other servers, on each server. For example, on the RTC/RQM server, you need to import certificates from DCC, DNG, and JTS; on the DCC server, you need to import certificates from RTC/RQM, DNG, and JTS.
https://jazz.net/wiki/bin/view/Deployment/CLMDistributedSetupUsingLibertyProfile

Depending on the CA-signed certificates that you get, you may or may not need to import the CA certificates on each server.

A S selected this answer as the correct answer

Comments
A S commented Aug 08 '17, 10:14 a.m.

 Thanks Don.  I will try your suggestions and get back.

Your answer


Register or to post your answer.