To connect to the IXIA TEXTML Server, you must provide the list of
related clients with the IXIA TEXTML Server signed certificate in the list of
trusted certificates.
To add the signed certificate of authenticity (CA) to the list of trusted certificates, you
must run the keytool command in the JRE or JDK for each client.
-
If you get an error message indicating that the certificate cannot be
trusted, you need to add the root certificate for the trusted authority,
since the default certificate store
rarely contains the root certificates for your installation. Contact your
commercial root certificate authority (CA) for more information.
-
If you receive an error message that indicates the user or password doesn't
exist, it's likely your root certificate is not installed in the certificate
store. Install and also make sure all intermediate certificates are
installed.
To add the CA to the list of trusted certificates:
-
On the system with the installed component, copy the root CA and any
Intermediate certificate to a temp folder c:\temp or
/tmp.
Important: You must be in the
JRE/bin or JDK/bin folder used
by each CCMS component. Each component's configuration
entry is specific to the JRE or JDK location for that component.
Table 1. JRE or JDK paths for components
|
Client
|
Platform
|
Sample path
|
|
IXIA CCMS Desktop
|
Windows
|
C:\ixiasoft-ccms\cms-<instance
name>\jre\bin
Note: Do this for each <instance
name>.
|
|
IXIA CCMS Output Generator
|
Windows
|
%install_dir%\jdk\bin
|
|
Linux
|
%install_dir%/jdk/bin
|
|
IXIA CCMS Scheduler
|
Windows
|
%install_dir%\jdk\bin
Note: Wherever defined in the
wrapper.conf file.
|
|
Linux
|
%install_dir%/jdk/bin
Note: Wherever defined in the
wrapper.conf file.
|
|
CCMS Web
|
Windows
|
c:\Ixiasoft\ccms\jdk-11\bin
|
|
Linux
|
/opt/ixiasoft/ccms/jdk-11/bin
|
|
Java Console
|
Windows
|
C:\Program
Files\IxiaSoft\TextmlServer44\TextmlAdminJava\jre\bin
|
|
Linux
|
/opt/ixiasoft/bin/5167/textmladminjava/jre/bin
|
-
Open a command prompt and go to the
\jre\bin directory for the client.
-
Run the appropriate command, based on your platform.
Table 2. Platform-specific keytool commands
|
Platform
|
Commands
|
|
Windows
|
keytool -importcert -keystore ..\lib\security\cacerts -storepass changeit -file c:\temp\textml_root_cert.pem -alias company_root_ca
|
keytool -importcert -keystore ..\lib\security\cacerts -storepass changeit -file c:\temp\textml_intermediate_cert.pem -alias company_intermediate_ca
|
|
Linux
|
keytool -importcert -keystore ..\lib\security\cacerts -storepass changeit -file /tmp/textml_root_cert.pem -alias company_root_ca
|
keytool -importcert -keystore ..\lib\security\cacerts -storepass changeit -file /tmp/textml_intermediate_cert.pem -alias company_intermediate_ca
|
-
In the resulting message and at the prompt to trust the certificate, enter
yes.
The certificate is added to the keystore.
-
Repeat this procedure for every client that connects to the IXIA TEXTML Server.
Related clients for connection could includeIXIA CCMS Desktop, IXIA CCMS Output Generator,
IXIA CCMS Scheduler, and IXIA CCMS Web.
Note: If you get an error message, make the pertinent
changes and try again.
The CA is added to the list of trusted certificates. The next sub-step is to enable
SSL for each component connection you identified in this certification process in
the steps above.
