Modifying the Build Forge configuration to use the new password

Build Forge configurations must be changed to use a changed keystore password.

Before you begin

Prerequisite:

About this task

The Apache Tomcat application server contains keystore passwords in the server.xml configuration file. They are stored as clear text. Apache Tomcat does not support encoded or encrypted passwords in this setting. In this procedure you modify server.xml and security properties in the Build Forge console.

Procedure

  1. Enter the new password in the Tomcat configuration. Edit <bfinstall>/Apache/tomcat/conf/server.xml. The Connector statement for SSL is located just under the comment <!– Define a SSL HTTP/1.1 Connector on port 8443 -- >.
    <Connector port="8443" maxHttpHeaderSize="8192" algorithm="IbmX509" 
     maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
     enableLookups="false" disableUploadTimeout="true"
     acceptCount="100" scheme="https" secure="true"
     clientAuth="false" sslProtocol="TLS" 
     keystoreFile="C:\Program Files\IBM\Build Forge\keystore\buildForgeTrustStore.p12"
     keystorePass="newpassword" 
     keystoreType="PKCS12" 
     truststoreFile="C:\Program Files\IBM\Build Forge\keystore\buildForgeTrustStore.p12" 
     truststorePass="newpassword" 
     truststoreType="PKCS12"/>

  2. Start Build Forge.
  3. Log in to the console. Use root or a login that has the Security access role.
  4. Enter the new password for the keystores. In Administration > Security > Keystore, edit these entries to use newpassword in the Password property.
    • Default JSSE Key Store
    • Default JSSE Trust Store
    • Default OpenSSL Key Store
  5. Enable SSL.
    1. In the console, go to Administration > Security.
    2. Set SSL Enabled to Yes.
    3. Click Save.
  6. Export the change to BFClient.conf. Click Update Master BFClient.conf.
  7. Start the Build Forge engine.

Feedback