It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×42,865

question asked: Jul 26 '10, 4:48 a.m.
question was seen: 7,867 times
last updated: Jul 26 '10, 4:48 a.m.

Related questions

How to fix Repository Connection Certificate Problem

0
arvey wang (411610) | asked Jul 26 '10, 4:48 a.m.
When I connect to RTC server with the Rational Team Concert client, Repository Connection Certificate Problem dialog will be poped up, even if I had followed Security certificates guide to disable it. Does anyone konw how to fix the problem?

The detail info is:
=======================================================
There is problem with certificate presented by the server when connecting to 'my-rtc-server'. The certificate host name does not match the server name.
Team Repository: https://my-rtc-server:9443/jazz
What would you like to do?
Option 1: Reject this certificate and do not connect this repository
Option 2: Accept this certificate temporarily for remainder of this session
OK Cancel
=========================================================

4 answers

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Ralph Schoon (63.4k33646) | answered Jul 26 '10, 6:27 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Hi Arvey,

you need to create a valid certificate. The one shipped with RTC has only localhost as a host name. A colleague provided me with these steps to create a key and export it. I am not sure about the parameters. You need to look into it.

Once you have a valid certificate that needs to be used by the application server. For Tomcat you can find the entries you need to change in the server.xml. 


Create a key:

".\server\jre\bin\keytool" -genkey -alias somealias -keyalg RSA -validity 365 -keystore "my.keystore" -storetype JKS



export a key:

".\server\jre\bin\keytool" -export -alias somealias -keystore my.keystore -rfc -file "public.cert"


Ralph

When I connect to RTC server with the Rational Team Concert client, Repository Connection Certificate Problem dialog will be poped up, even if I had followed Security certificates guide to disable it. Does anyone konw how to fix the problem?

The detail info is:
=======================================================
There is problem with certificate presented by the server when connecting to 'my-rtc-server'. The certificate host name does not match the server name.
Team Repository: https://my-rtc-server:9443/jazz
What would you like to do?
Option 1: Reject this certificate and do not connect this repository
Option 2: Accept this certificate temporarily for remainder of this session
OK Cancel
=========================================================
0
permanent link
arvey wang (411610) | answered Jul 29 '10, 10:21 p.m.
Hi Ralph
Thanks your reply, Now we have found the root cause, The solution is that modify "SSL certificate and key management/Key stores and certificate-->NodeDefultkeyStore/Personal certificate" in WAS admin console.
Hi Arvey,

you need to create a valid certificate. The one shipped with RTC has only localhost as a host name. A colleague provided me with these steps to create a key and export it. I am not sure about the parameters. You need to look into it.

Once you have a valid certificate that needs to be used by the application server. For Tomcat you can find the entries you need to change in the server.xml. 


Create a key:

".\server\jre\bin\keytool" -genkey -alias somealias -keyalg RSA -validity 365 -keystore "my.keystore" -storetype JKS



export a key:

".\server\jre\bin\keytool" -export -alias somealias -keystore my.keystore -rfc -file "public.cert"


Ralph

0
permanent link
Glenn Houk (622) | answered Mar 25 '11, 3:32 p.m.
Hi Arvey,

Do you recall how you solved this problem? I don't quite understand the steps to take in your solution... If my updates are correct, I'm still wondering the exact menu's/key-click's that you opened in order for you to modify as you explain - how do you get to SSL certificate and key managment?:
*** The solution is to modify the "SSL certificate and key management/Key stores and certificate" to be "NodeDefaultkeyStore/Personal certificate"
*** It WAS previously set to "admin console".

Appreciate your help! This is exactly the solution I believe I need to perform.

Thanks,
Glenn Houk

Hi Ralph
Thanks your reply, Now we have found the root cause, The solution is that modify "SSL certificate and key management/Key stores and certificate-->NodeDefultkeyStore/Personal certificate" in WAS admin console.
Hi Arvey,

you need to create a valid certificate. The one shipped with RTC has only localhost as a host name. A colleague provided me with these steps to create a key and export it. I am not sure about the parameters. You need to look into it.

Once you have a valid certificate that needs to be used by the application server. For Tomcat you can find the entries you need to change in the server.xml. 


Create a key:

".\server\jre\bin\keytool" -genkey -alias somealias -keyalg RSA -validity 365 -keystore "my.keystore" -storetype JKS



export a key:

".\server\jre\bin\keytool" -export -alias somealias -keystore my.keystore -rfc -file "public.cert"


Ralph

0
permanent link
arvey wang (411610) | answered Mar 27 '11, 11:50 p.m.
Hi Glennhouk,
I find a simple solution, just run /opt/IBM/WebSphere/AppServer/bin/ProfileManagement/pmt.sh to launch "Profile Management Tool", and then make sure the "host name" is full-dns name in "Node and Host name" configuration step.
=============================================================

Hi Arvey,

Do you recall how you solved this problem? I don't quite understand the steps to take in your solution... If my updates are correct, I'm still wondering the exact menu's/key-click's that you opened in order for you to modify as you explain - how do you get to SSL certificate and key managment?:
*** The solution is to modify the "SSL certificate and key management/Key stores and certificate" to be "NodeDefaultkeyStore/Personal certificate"
*** It WAS previously set to "admin console".

Appreciate your help! This is exactly the solution I believe I need to perform.

Thanks,
Glenn Houk

Hi Ralph
Thanks your reply, Now we have found the root cause, The solution is that modify "SSL certificate and key management/Key stores and certificate-->NodeDefultkeyStore/Personal certificate" in WAS admin console.
Hi Arvey,

you need to create a valid certificate. The one shipped with RTC has only localhost as a host name. A colleague provided me with these steps to create a key and export it. I am not sure about the parameters. You need to look into it.

Once you have a valid certificate that needs to be used by the application server. For Tomcat you can find the entries you need to change in the server.xml. 


Create a key:

".\server\jre\bin\keytool" -genkey -alias somealias -keyalg RSA -validity 365 -keystore "my.keystore" -storetype JKS



export a key:

".\server\jre\bin\keytool" -export -alias somealias -keystore my.keystore -rfc -file "public.cert"


Ralph

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.