Use SSL to connect to host machines

Rational Functional Tester Extension for Terminal-based Applications requires that you use a security utility such as OpenSSL or IBM Certificate Management to produce the *.p12 file that will pass the host servers self-signed certificate credentials to the terminal to allow a secure connection. Although IBM Certificate Management which runs on Windows , Linux , AIX®, or Solaris distributed platforms is not included with Rational Functional Tester , it is shipped with other IBM products such as IBM Personal Communications, IBM Host On-Demand, and IBM HTTP server. The *.p12 file can easily be created if you have access to this utility.


Before you begin

You need:

You must use IBM Certificate Management to create the *.p12 file. You must have access to IBM Certificate Management tool. You must either install it or work with an existing installation:


Procedure

  1. Start IBM Key Management.

  2. Click KeyDatabase File > New. You must change the file type to PKCS12 and name it as CustomizedCAs.p12.

  3. Save the file to the folder C:\Program Files\IBM\SDP70Shared\plugins\com.ibm.test.terminal.7.0.2v200906180724.. The terminal.jar and TerminalTester.jar must be present in this folder.

    For Functional Tester Extension, version 7.01, the location for the CustomizedCAs.p12 file will be C:\Program Files\IBM\SDP70Shared\plugins\com.ibm.test.terminal.7.0.1v200709190143

  4. Type hod as the password.

    This password is hard-coded and must be hod.

  5. To add the extracted *.der or *.arm file from the host's server certificate to the CustomizedCAs.p12, click Add.

  6. In the Token Label field, type a valid token label for this certificate.

  7. To save the file with the certificate you just added, click Key Database File > Save As. Verify the password and close IBM Key Management.

  8. Start IBM Extension for Terminal-based Applications.

  9. Configure the advanced settings in the Advanced Properties page of the IBM Extension for Terminal-based Applications dialog box , click Advanced as follows:

    1. Set SecurityProtocol to SESSION_PROTOCOL_SSL or SESSION_PROTOCOL_TLS

    2. Set SSL to true

    3. Set SSLCertificateName to CustomizedCAs.p12

    4. Set SSLCertificatePassword to hod

    5. (optional) Set SSLCertificateProvided totrue

  10. In the terminal session under Port, type the secure port number to be used by the server connection. Typically, this is 992, but it may vary depending on the telnet configuration of your host. The secure connection must show MA*+ in the Operator Information Area at the bottom of the screen.

  11. Click OK.