Install SSL certificates

This topic describes how to install endpoint certificates for Connect data sources.

SSL overview

To enable SSL, you need to import SSL certificates for your data sources. the import is required in order to enable SSL/TLS for Connect and the Tomcat service.

The certificates are stored in a cacerts file. These certificates allow Connect data sources launched in a Tomcat instance, to connect to remote endpoints, such as ALM/QC, ALM Octane, Jira, Azure DevOps, Rally, Version One, and ServiceNow. These certificates comply with the trust requirements imposed by those endpoints.

Back to top

Install SSL certificates

This section describes how to import SSL certificates using the InstallCertificates script from the Batch utility scripts.

To install SSL certificates:

  1. In the utilities folder, open the batch file mfcInstallCertificates.bat for editing.

  2. Enter values in the file for the first data source in lines 10 and 11:

    • Host: The HTTP site that hosts the data source. Do not include the protocol. For example,
      HOST=companyname.com . Note: If the host is accessible using multiple hostnames or IPs, make sure to use the same value in the script and data source.

    • Port: The port number used by the endpoint, usually 443 or 8443. For example,
      PORT=443 .

    • User/Password: The administrator user name and password for the Connect service (not the password for your endpoint system).

  3. Save the file.

  4. Open a command prompt as administrator, and go to the <Connect_installdir>Utilities folder.

  5. Run the batch file mfcInstallCertificates.bat.

  6. When prompted to add the certificates, select them by their index numbers. For example, if there are three certificates listed, type 1 and press Enter, type 2 and press Enter, and type 3 and press Enter.

  7. To exit the script, type q and press Enter.

  8. Repeat the above process for each SSL enabled endpoint to which you want to connect.

  9. Locate the newly created file, jsecacerts, in the Utilities folder. Rename the file to cacerts and copy it to the <Connect_installdir>\jre\lib\security folder, overwriting the exiting cacerts file.

  10. Restart the Connect service and create your data sources. For details, see Create a data source.

Back to top

Next steps: