Replacing the Certificates that are Used for the HTTPS Connection to the Information Service

When using a secure connection through HTTPS between Silk Test Workbench and the information service, the following self-signed certificate files are used:
  • The keystore certificate file is used for the information service HTTPS server.
  • The following certificate files are used for the machine on which the Silk Test Workbench client is running:
    • cacerts
    • cacerts.p12
    • cacerts.pem

You can use OpenSSL and the Java keytool executable to replace these files with your own certificate files.

  1. Ensure that OpenSSL and a JDK are installed on your machine.
  2. Start the Java keytool executable from the bin folder of your JDK installation folder.
  3. Create a private and public key pair in your private keystore file on the information service HTTPS server:
    keytool -genkey -alias jetty -keyalg RSA -keypass Borland -storepass Borland -keystore keystore -validity 1095
  4. When prompted to type a first and last name, type * as a wildcard for the host.
  5. Export the information from your private keystore to a temporary certificate file named server.cer:
    keytool -export -alias jetty -storepass Borland -file server.cer -keystore keystore
    This temporary certificate file is required to generate the certificate files for the machine on which the Silk Test Workbench client is running.
  6. Create a certificate file named cacerts from the server.cer file.
    keytool -import -v -trustcacerts -alias jetty -file server.cer -keystore cacerts -keypass Borland -storepass Borland
  7. Import the information from the cacerts file into the temporary certificate file cacerts.p12.
    keytool -importkeystore -srckeystore cacerts -destkeystore cacerts.p12 -srcstoretype JKS -deststoretype PKCS12 -srcstorepass Borland -deststorepass Borland
  8. Create the public keystore file cacerts.pem in the PKCS12 keystore format from the temporary certificate file cacerts.p12
    openssl pkcs12 -in cacerts.p12 -out cacerts.pem -cacerts -nokeys
  9. Deploy the files keystore, cacerts, cacerts.p12, and cacerts.pem to the configuration folder:
    • On a Windows machine, deploy the files to %PROGRAMDATA%\Silk\SilkTest\conf, for example C:\ProgramData\Silk\SilkTest\conf.
    • On macOS, deploy the files to ~/.silk/silktest/conf/.