Importing certificates from the server for secured connections

Starting from HCL OneTest™ UI 9.1.1, you can import certificates from the server to connect to the host machines securely. You can create a CustomizedCAs.p12 / CustomizedCAs.jks keystore through the Extension for Terminal-based Applications that produces the *.p12/JKS file. This file passes the host server's self-signed certificate credentials to the terminal to allow a secure connection.

About this task

Prior to version 9.1.1, you could use SSL to connect to the host machine securely. See Using SSL to connect to host machines.

Procedure

  1. Start the Extension for Terminal based Applications by clicking the Launch button in HCL OneTest UI.

  2. Click Session > Security to open the Security Information window.

    Security Information window

  3. Select or type the Host address and Port number.
  4. Select the type of keystore where the certificate can be saved. Depending on the connection protocol supported by the host, you can choose PKCS12 or JKS.
  5. Click the Get Certificate(s) button to retrieve the certificates from the host.
  6. After the certificates are retrieved, click the Save button to save the extracted certificate to the appropriate keystore (CustomizedCAs.p12 or CustomizedCAs.jks).
  7. Click the Status bar to open the location where the keystore is created with the certificate. This location would be C:\Users\<current user>\Application Data\ibm\RFT\Extension for Terminal-based Applications on a Windows machine.
  8. Copy the .p12 or .jks file to the <HCLIMShared\plugins>\com.ibm.test.terminal_8.5.0.vXXXX folder. This plugin folder also includes the terminal.jar and TerminalTester.jar files.
  9. Close the Security Information window and restart the Extension for Terminal-based Applications.
  10. Type the Host address, Port number, and terminal type information and click the Advanced Settings button.
  11. For CustomizedCAs.jks, modify the following properties as needed:
    • sslUseJSSE : true
    • sslJSSETrustStore: fullpath of the CustomizedCAs.jsk, for example, C:\Program Files\HCL\HCLIMShared\plugins\com.ibm.test.terminal_8.5.0.v20170703_0428\CustomizedCAs.jks
    • sslJSSETrustStorePassword: hodpwd
    • tlsProtocolVersion: TLSv1.2 (If the host supports an older version of the protocol, the application will fall back to the older version.)
    • sslJSSETrustStoreType: jks
    • SSL: true

    For CustomizedCAs.p12, the application will automatically find the CustomizedCAs.p12 in the plugin and connect using the certificate.

Feedback