SSL certificate specification

All programs using the .NET HttpListener for HTTPS communication must register a certificate on the port that they are using. OpenText Service Virtualization automatically configures the required certificate registration.

How certificates are used

During installation, OpenText Service Virtualization can import a certificate, or generate one self-signed certificate, issued with the name of the machine on which OpenText Service Virtualization is installed. The certificate is used as a default certificate for all OpenText Service Virtualization components that require a certificate.

The generated self-signed certificate is suitable for an initial setup of OpenText Service Virtualization. For security and usability reasons, it is recommended to consider importing a certificate issued by the certificate authority which is trusted by clients connecting to OpenText Service Virtualization.

All certificates defined in OpenText Service Virtualization are imported into the Personal folder of Windows Certificate Store. They are bound to the related ports according to their thumbprint values.

To change the automatic configuration settings, see Windows firewall and TCP port configuration.

Note: As of OpenText Service Virtualization 2023, the default certificates, which consist of the server-cert.p12, server-cert.pem, server-key.pem, and server-pass.txt files, were moved to the less restricted locations listed below:

C:\ProgramData\OpenText\Service Virtualization Server\ConfigurationTools\certificates
C:\ProgramData\OpenText\Service Virtualization Designer\ConfigurationTools\certificates

Certificates per component

This section provides the location of the certificate for each component.

Certificates for OpenText Service Virtualization components are specified as follows:

Component Details

Management API Endpoint (REST)

Component	Details
Management API Endpoint (REST)	The certificate is used for the Management API endpoint if you chose the option to enable authentication. For details on changing authentication options, see Change SV Server security settings. The location of the certificate is specified in the OpenText Service Virtualization Server configuration file `HP.SV.StandaloneServer.exe.config`, located in the installation folder. `<restManagementServiceConfiguration` `certificatePath="C:\ProgramData\OpenText\Service Virtualization Server\ConfigurationTools\certificates\server-cert.p12"` `certificatePassword="changeit"` `/>` The path to the certificate file can be absolute, or relative to the Server's executable file. The password is encrypted if the password encryption feature is enabled. For details, see Password encryption. The certificate is bound to its related port when the OpenText Service Virtualization Server is started.
Service Virtualization Management	The location of the certificate is specified in the Service Virtualization Management configuration file `HP.SV.ServiceVirtualizationManager.Host.exe.config`, located in the installation folder. `<svmConfig` `ssl="true"` `certificatePath="C:\ProgramData\OpenText\Service Virtualization Server\ConfigurationTools\certificates\server-cert.p12"` `certificatePassword="changeit"` `port="6086"` `/>` If certificatePath and certificatePassword are specified, certificate binding is checked and updated when Service Virtualization Management is started. port defines the TCP port where Service Virtualization Management is running. The password is encrypted if the password encryption feature is enabled. For details, see Password encryption.
OpenText Service Virtualization Agents	You specify the path to a certificate when you configure the agent. The certificate is bound to the selected port when the related agent is started. The path to the certificate must be valid on the machine where the agent will run. For details on agent configuration, see Agents.

The certificate is used for the Management API endpoint if you chose the option to enable authentication. For details on changing authentication options, see Change SV Server security settings.

The location of the certificate is specified in the OpenText Service Virtualization Server configuration file HP.SV.StandaloneServer.exe.config, located in the installation folder.

<restManagementServiceConfiguration

certificatePath="C:\ProgramData\OpenText\Service Virtualization Server\ConfigurationTools\certificates\server-cert.p12"

certificatePassword="changeit"

/>

The path to the certificate file can be absolute, or relative to the Server's executable file.
The password is encrypted if the password encryption feature is enabled. For details, see Password encryption.
The certificate is bound to its related port when the OpenText Service Virtualization Server is started.

Service Virtualization Management

The location of the certificate is specified in the Service Virtualization Management configuration file HP.SV.ServiceVirtualizationManager.Host.exe.config, located in the installation folder.

<svmConfig

ssl="true"

certificatePath="C:\ProgramData\OpenText\Service Virtualization Server\ConfigurationTools\certificates\server-cert.p12"

certificatePassword="changeit"

port="6086"

/>

If certificatePath and certificatePassword are specified, certificate binding is checked and updated when Service Virtualization Management is started.
port defines the TCP port where Service Virtualization Management is running.
The password is encrypted if the password encryption feature is enabled. For details, see Password encryption.

OpenText Service Virtualization Agents

You specify the path to a certificate when you configure the agent. The certificate is bound to the selected port when the related agent is started. The path to the certificate must be valid on the machine where the agent will run.

For details on agent configuration, see Agents.