Configure trust on the server

Configure trust on the OpenText Software Delivery Management server when you connect to any remote server (such as a database server, an LDAP server, license sharing with OpenText Application Quality Management, and so on) over a secure channel.

Note: When connecting to a database server with SSL, or an LDAP server, over a secure channel, you must configure trust before starting the OpenText Software Delivery Management server by running systemctl start octane.

To configure trust:

Obtain the certificate of the root and any intermediate Certificate Authority that issued the remote server certificate.
Import each certificate into the OpenText Software Delivery Management java truststore using a keytool command.
- Locate your <java_home> directory. It is usually under the user/lib directory but may be different for your environment. One way to check the location of the <java_home> directory is to check the environment information settings in the /octane/log/wrapper.log file.
  
  Example:/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.131-11.b12.el7.x86_64/jre
- Locate your keystore cacerts file, which is usually here: <java_home>/jre/lib/security/cacerts
- Import each certificate.
  
  Example:
```
cd <java_home>/bin
```
```
./keytool -import -trustcacerts -alias <CA> -file <path to the CA certificate file> -keystore ../lib/security/cacerts
```
In the octane.conf file, enter the cacerts password in the java-default-trust-store-password parameter.
If the OpenText Software Delivery Management service (octane) is running, restart it.

Tip: For general details on configuring HTTPS, see "Secure configuration and deployment" in the OpenText Software Delivery Management Secure Deployment and Configuration Guidelines.