Secure StarTeam server

This topic provides details on how to configure a secure StarTeam server.

In this topic:

Configure and secure StarTeam server

Follow the steps below to configure and secure your StarTeam server:

1. Set security and timeout options. For details, see Setting security and timeout options.

2. Enable TLS secure sockets protocol. For details, see Enabling TLS secure sockets protocol in StarTeam Server .

   Disable non TLS protocols if possible.

3. For LDAP users, you can also configure Single Sign-On or Multi-Factor authentication. For details, see Single Sign-on/Multi-factor authentication.

4. Secure certificate files.

   • Set access rights for certificate key or limit access to the .. \Micro Focus\StarTeam Server 17.2\CACertificates folder.
   • Use a dedicated user for StarTeam service (instead of local System) and define exact permissions for the user, allowing the user to perform only the necessary actions required by the StarTeam system/application.

Back to top

Configure ActiveMQ MPX with secure protocols

Follow the steps below to configure ActiveMQ MPX with secure protocols:

1. Configure ActiveMQ MPX with secure protocols. For details, see Configuring ActiveMQ MPX with secure protocols SSL/TLS .

2. Secure certificate files by limiting access rights to the \Micro Focus\ActiveMQ Message Broker\conf folder.

Back to top

Configure and secure StarTeam web server for Search and My Work

Follow the steps below to configure and secure the StarTeam web server for Search and My Work:

1. Configure HTTPS for the web server. For details, see Enabling SSL using a certificate.

2. Make sure TLS 1.0 is disabled in the server.xml file of the web server.

3. Secure Search configuration in the ..\Micro Focus\StarTeam Server 17.2\Search\config\starteam-search-configs.xml file.

   Use a dedicated user for StarTeam web service (instead of local System) and define exact permissions for the user, allowing the user to perform only the necessary actions required by the StarTeam system/application.

Back to top

Configure secure ServerREST API

Follow the steps below to configure secure ServerREST API:

1. Configure use of HTTPS. For details, see Configure certificates for a secure protocol.

2. Set up certificate. For details, see Start the REST service.

Back to top

Configure database level encryption

Follow the steps below to configure database level encryption:

• For SQL server.

  See Configure encrypted connections.

• For Oracle.

  StarTeam Server 17.3 supports Oracle Data Network Encryption and Integrity. The encryption must be configured on the database server.

Back to top