Versions Compared

Old Version 6

changes.mady.by.user Edward Stolyar

Saved on

compared with

New Version Current

changes.mady.by.user Anubhuti Shrivastava

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Please be aware that this material is provided for your information only and using it is done so at your own risk. Zephyr has taken care that all the information contained here is correct and complete, but it is impossible to ensure this is the case. The documentation represents two generic scenarios for implementing SSL , and doesnand doesn't take into consideration any unique characteristics of your own server and network setup. Decisions made by your company regarding the security of your data via an implementation of SSL should be based on the understanding that even a correct SSL deployment will inherit any limitations of the technology and that it cannot protect against unknowns such as general human error. Zephyr cannot be held liable for any downtime or security breaches that may result from the use this document.

Note

The following is the procedure for the basic SSL setup process for Zephyr Enterprise. It is by no means a guide for SSL configuration regarding your HTTPS and SSL certificates.

As a reference, you can use SSL with Zephyr Enterprise, but all SSL configuration assistance is outside the scope for the Zephyr support team.

...

Java (JSSE): A JKS certificate can be used to cover both traffic channels. 

Deployment Prerequisites: 
While using Java JSSE method, then all you need a JKS (Java keystore) certificate. Use your Java keytool to create a certificate and have it signed by a CA (certification authority) , or create a self-signed certificate.

...

Code Block
languagexml
titleweb.xml
<!-- Uncomment the following if jdbc.properties secured property is true-->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Zephyr</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

  • Check all the 4 3 channels should have "https" set and make sure that all the changes are implemented correctly in /zephyr/tomcat/webapps/flex/WEB-INF/flex/services-config.xml.

  • Add in the C:\windows\system32\drivers\etc\hosts the domain name of the SSL with the IP address.

    Code Block
    languagetext
    192.168.100.130 <Your Zephyr Url>


  • Launch <Your Zephyr Url>/flex/html5 to access Zephyr Server.

...


Cacerts. For a default 32-bit JDK installation on Windows the location can be found in: C:\Program Files (x86)\Java\jdk1.8.0_40\jre\lib\security

  1. Open the 'Cacerts' found inside this folder. This should prompt for a password, if it was not manually changed the default password is 'changeit'.
  2. If it is successful, this should open the keystore with all the existing certificates in them. We'll be adding our certificate that we exported above in here.
  3. Select 'Import Trusted Certificate' and then provide the path of the exported certificate. Enter the alias of the certificate. Use the same alias that was configured with Zephyr and press OK.
  4. This should add the certificate to the Java Keystore.

...