Configure trust on the ALM Octane server

Configure trust on the ALM Octane server when you connect to any remote server (such as a database server, an LDAP server, license sharing with ALM, and so on) over a secure channel.

Note: When connecting to a database server with SSL, or an LDAP server, over a secure channel, you must configure trust before starting the ALM Octane server by running systemctl start octane.

To configure trust:

  1. Obtain the certificate of the root and any intermediate Certificate Authority that issued the remote server certificate.

  2. Import each certificate into the ALM Octane java truststore using a keytool command.

    • Locate your <java_home> directory. It is usually under the user/lib directory but may be different for your environment. One way to check the location of the <java_home> directory is to check the environment information settings in the /octane/log/wrapper.log file.

      Example/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.131-11.b12.el7.x86_64/jre

    • Locate your keystore cacerts file, which is usually here: <java_home>/jre/lib/security/cacerts

    • Import each certificate.

      Example:

      cd <java_home>/bin
      ./keytool -import -trustcacerts -alias <CA> -file <path to the CA certificate file> -keystore ../lib/security/cacerts

  3. In the octane.conf file, enter the cacerts password in the java-default-trust-store-password parameter.

  4. If the ALM Octane service (octane) is running, restart it.

Tip: For general details on configuring HTTPS, see "Secure configuration and deployment" in the ALM Octane Secure Deployment and Configuration Guidelines.

Back to top