Question & Answer
Question
How do you configure IBM Rational DOORS to use the default SSL certificates and enable security?
Cause
This procedure is not documented in detail in the IBM Rational DOORS Information Center.
Answer
To enable security, you need to configure the IBM Rational DOORS server to start with security enabled. You do that with the -secure command line switch. For example:
doorsd -p $PORTNUMBER -secure on -serverhostname IBMEDSERV
The above command enables security on the DOORS server, configuring it to use the default security certificate.
If you are running on Windows and would prefer to use the Registry instead of the command line, the registry keys to update are in:
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Telelogic\DOORS_Server\<VERSION>\Config (64 bit OS)
- HKEY_LOCAL_MACHINE\SOFTWARE\Telelogic\DOORS_Server\<VERSION>\Config (32 bit OS)
The registry keys are:
- secure (default value is off)
- SERVERHOSTNAME (default value is IBMEDSERV)
To enable security using the registry settings, set the secure registry key's value to on and restart the DOORS server.
A few other steps are required to use the default security certificate:
- Configure the server and all clients so that IBMEDSERV resolves to the DOORS server on the network. One way to do this is by setting an alias in the hosts file.
- When running commands that connect to the DOORS database such as dbadmin, you need to use
-data port@IBMEDSERV
instead of the usual DOORS server host name to keep security happy
- DOORS clients will also need to use -data port@IBMEDSERV to connect to the DOORS server. You can either update the DOORS shortcut or make the necessary changes in the Windows Registry
Once the DOORS server has been started with security enabled, the DOORS clients will only be able to connect if they are configured correctly. DOORS clients that are not configured for security will get an error similar to the following when attempting to connect to the server:
The secure connection attempt failed.
The received server certificate was invalid.
DOORS will now exit.
You can also create your own custom certificates to use instead of the default certificate --
this procedure is outside the scope of this tech note.
Related Information
Was this topic helpful?
Document Information
Modified date:
01 May 2020
UID
swg21498123