SSL certificate specification

All programs using the .NET HttpListener for HTTPS communication must register a certificate on the port that they are using. Service Virtualization automatically configures the required certificate registration.

How certificates are used

During installation, Service Virtualization can import a certificate, or generate one self-signed certificate, issued with the name of the machine on which Service Virtualization is installed. The certificate is used as a default certificate for all Service Virtualization components that require a certificate.

The generated self-signed certificate is suitable for an initial setup of Service Virtualization. For security and usability reasons, it is recommended to consider importing a certificate issued by the certificate authority which is trusted by clients connecting to Service Virtualization.

All certificates defined in Service Virtualization are imported into the Personal folder of Windows Certificate Store. They are bound to the related ports according to their thumbprint values.

To change the automatic configuration settings, see Windows firewall and TCP port configuration.

Note: As of Service Virtualization 2023, the default certificates, which consist of the server-cert.p12, server-cert.pem, server-key.pem, and server-pass.txt files, were moved to the less restricted locations listed below:

  • C:\ProgramData\Micro Focus\Service Virtualization Server\ConfigurationTools\certificates

  • C:\ProgramData\Micro Focus\Service Virtualization Designer\ConfigurationTools\certificates

Back to top

Certificates per component

This section provides the location of the certificate for each component.

Certificates for Service Virtualization components are specified as follows:

Management API Endpoint (REST)

The certificate is used for the Management API endpoint if you chose the option to enable authentication. For details on changing authentication options, see Change SV Server security settings.

The location of the certificate is specified in the Service Virtualization Server configuration file HP.SV.StandaloneServer.exe.config, located in the installation folder.

<restManagementServiceConfiguration

certificatePath="C:\ProgramData\Micro Focus\Service Virtualization Server\ConfigurationTools\certificates\server-cert.p12"

certificatePassword="changeit"

/>

  • The path to the certificate file can be absolute, or relative to the Server's executable file.
  • The password is encrypted if the password encryption feature is enabled. For details, see Password encryption.
  • The certificate is bound to its related port when the Service Virtualization Server is started.

 

Service Virtualization Management

The location of the certificate is specified in the Service Virtualization Management configuration file HP.SV.ServiceVirtualizationManager.Host.exe.config, located in the installation folder.

<svmConfig

ssl="true"

certificatePath="C:\ProgramData\Micro Focus\Service Virtualization Server\ConfigurationTools\certificates\server-cert.p12"

certificatePassword="changeit"

port="6086"

/>

  • If certificatePath and certificatePassword are specified, certificate binding is checked and updated when Service Virtualization Management is started.
  • port defines the TCP port where Service Virtualization Management is running.
  • The password is encrypted if the password encryption feature is enabled. For details, see Password encryption.
Service Virtualization Agents

You specify the path to a certificate when you configure the agent. The certificate is bound to the selected port when the related agent is started. The path to the certificate must be valid on the machine where the agent will run.

For details on agent configuration, see Service Virtualization agents.

Back to top