How do you configure Lightweight Directory Access Protocol over SSL (LDAPS) for IBM Rational Team Concert on Apache Tomcat?
Some LDAP providers are configured to use Secure Transport with SSL.
There are 2 steps required to configure Lightweight Directory Access Protocol over SSL (LDAPS) for Rational Team Concert running on Apache Tomcat
- Import the certificate from your LDAP server into Apache Tomcat's trust store
- Rerun the steps documented in Managing users with Lightweight Directory Access Protocol (LDAP) to configure your Rational Team Concert to connect to LDAP through the secure port.
Below are steps to import a certificate into Apache Tomcat's trust store:
- Stop the Apache Tomcat server
- Obtain the certificate from the LDAPS server (an LDAP Administrator should be able to provide the certificate file)
In this example, the certificate file in the *.der format
- Navigate to "..\\JazzTeamServer\server\jre\bin" directory
- Double click on ikeyman.exe to launch
- Click on the Open button and browse to the "..\\JazzTeamServer\server\jre\lib\security" directory
- Select to view all file types. You should see a file called 'cacerts' in the list
- Open the 'cacerts' file
- IBM Key Management will prompt for a password
Enter 'changeit' and click OK. A list of 'Signer Certificates' will display (see below)
Note: 'changeit' is a default password. If you have changed it, you will need to enter your own password
- Click on the 'Add' button to add a certificate from file
- Browse to the certificate file and click on OK to add
- This will open a prompt for a certificate name. Enter a name and click OK
- Exit from ikeyman by selecting "Key Database File > Exit" from the main menu
- Start the server
Jazz and Rational Team Concert have an active community that can provide you with additional resources. Browse and contribute to the User forums, contribute to the Team Blog and review the Team wiki.