Skip to main content

Software  >  Rational  >  

Connecting to a secure host with SSL or TLS with a self-signed certificate using Rational Functional Tester Extension for Terminal-based Applications
 Technote (troubleshooting)
 
Problem(Abstract)
To connect to a secure host using Rational Functional Tester Extension with SSL or TLS using a self-signed certificate.
 
Resolving the problem
Rational Functional Tester Extension for Terminal-based Applications requires that you use a security utility such as OpenSSL or IBM Certificate Management to produce the *.p12 file that will pass the host servers self-signed certificate credentials to the terminal to allow a secure connection.
Although IBM Certificate Management which runs on Windows, Linux, AIX, or Solaris distributed platforms is not included with Rational Functional Tester, it is shipped with other IBM products such as IBM Personal Communications, IBM Host On-Demand, and IBM HTTP server. The *.p12 file can easily be created if you have access to this utility.

You must use IBM Certificate Management to create the *.p12 file.

Before starting, you need:
  • The extracted host or server certificate in the form of an *.arm or *.der file.
  • The secure port for your host connection.
  • A CustomizedCAs.p12 with a password of "hod" created using IBM Certificate Management.
  • The correct settings for the terminal session.

I. You must have access to IBM Certificate Management tool. You must either install it or work with an existing installation:
    1. Open IBM Key Management.




    2. Click Key Database File -> New.

    3. Change the File Type to PKCS12.

    4. Name the file CustomizedCAs.p12.

    5. Save the file to the folder C:\Program Files\IBM\SDP70Shared\plugins\com.ibm.test.terminal.7.0.2v200906180724.
    The terminal.jar and TerminalTester.jar must be present in this folder.
      Note: For FTE 7.01, the location for the CustomizedCAs.p12 file will be C:\Program Files\IBM\SDP70Shared\plugins\com.ibm..test.terminal.7.0.1v200709190143

    6. Type hod when prompted for a password.
    Note:This password is hard-coded and must be hod.

    7. Click Add to add the extracted *.der or *.arm file from the host's server certificate to the CustomizedCAs.p12.

    8. Type the label for this certificate.

    9. Click Key Database File ->Save As to save the file with the certificate you just added.

    10. Type hod and verify the password.

    11. Close Certificate Management.


2. In the IBM Extension for Terminal-based Applications dialog box , click Advanced to set the following properties:



    1. SecurityProtocol=SESSION_PROTOCOL_SSL or
    SecurityProtocol=SESSION_PROTOCOL_TLS

    2. SSL=true

    3. SSLCertificateName=CustomizedCAs.p12

    4. SSLCertificatePassword=hod

    5. (optional) SSLCertificateProvided=true

3. In the terminal session under Port, type the secure port number to be used by the server connection. Typically, this is 992, but it may vary depending on the telnet configuration of your host.

The secure connection must show MA*+ in the Operator Information Area at the bottom of the screen as displayed below:



Troubleshooting:
  • If you receive a COMM 662, you might have set the SSL parameters in the terminal's Advanced Properties and set the session to connect on the secure port without adding the CustomizedCAs.p12 file to the terminal's working directory.
  • If you receive a COMM 662, you might have added the wrong certificate to the CustomizedCAs.p12 file.
  • If you receive a COMM 657, you might not have enabled SSL parameters in the terminal's Advanced Properties.
  • If you receive a COMM 657, the port you are connecting to may not be secure.

If you continue to have problems setting up SSL or TLS, contact Support for additional assistance.
 
 
 

Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Rate this page
Please take a moment to complete this form to help us better serve you.
This material provides me with the information I need.




This material is clear and easy to understand.




Did the information help you to achieve your goal?
What updates, improvements, or related information would you like to see in this document?
Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.
Input the verification number to submit feedback:
Document information
 Product categories:
 Software
 Software Development
 Software Quality Management
 Rational Functional Tester
 Extension for Terminal Based Applications
 Operating system(s):
  Windows
 Software version:
  8.1
 Reference #:
  1391792
 IBM Group:
 Software Group
 Modified date:
 2009-08-10

Translate My Page
 
 

Rate this page

Help us improve this page. Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.