If you have registered Secure Socket Layer (SSL) certificates, your site's users can use SSL when they set up an SCM integration server.

If you use certificates that are generated in-house, self-signed, or signed by a non-established Certificate Authority, they must be registered with each client system that will connect to the TeamForge server. Registration consists of importing custom certificates into the Java runtime’s global keystore on each server.

  1. Collect the server certificates from all servers. On RHEL, CentOS and other RedHat-based distributions, these are contained in /etc/httpd/conf/ssl.crt/server.crt.

  2. Locate the Java keystore.

    This is PATH_TO_JAVA/jre/lib/security/cacerts. For example, this may be /usr/local/j2sdk1.4.2_10/jre/lib/security/cacerts.

  3. Locate the Java keytool utility.

    This is PATH_TO_JAVA/bin/keytool For example, /usr/local/j2sdk1.4.2_10/bin/keytool.

  4. Import each server certificate into the keystore.

    PATH_TO_JAVA/bin/keytool -import -keystore PATH_TO_JAVA/jre/lib/security/cacerts -file <server>.crt -alias <server>
    
  5. At the password prompt, use changeit. Confirm that you trust the certificate by typing yes.
  6. Verify that all your certificates are added.
    PATH_TO_JAVA/bin/keytool -list -keystore PATH_TO_JAVA/jre/lib/security/cacerts |less
    
  7. If you are running more than one separate server, repeat these steps for each server.
  8. Restart TeamForge

From now on, you can select the Use SSL check box, if required, when creating an SCM integration.

Tags for this page: installation ssl