Encrypting communication between clients and the server by using certificates

You can use client and server authentication files to enable secure, encrypted communication between IBM® Engineering Requirements Management DOORS® (DOORS) clients and the database server. Use a batch file to generate the authentication files. Set registry keys and start the server and clients with the required security parameters.

Procedure

  1. Copy the example_auth_files.bat file from the default installation location C:\Program Files\IBM\Rational\DOORS\9.6\certdb to a temporary folder on a computer where the DOORS client is installed.
  2. Open the batch file and make the following changes:
    1. In the batch file text, edit these passwords:
      • set serverKeyPwd=spassword123
      • set clientKeyPwd=cpassword123
    2. Replace spassword123 and cpassword123 with new passwords.
    3. In set dbServerName=db_server_name, change the value of db_server_name to the host name of the database server.
  3. Save and run the example_auth_files.bat file. The batch file generates four client_authentication* files and four server_authentication* files.
  4. Copy the client_authentication* files to the certdb folder on each computer where a DOORS client is installed. The default location is C:\Program Files\IBM\Rational\DOORS\9.6\certdb.
    Attention: Make sure that you removed existing client_authentication.rdb file.
  5. Copy the server_authentication* files to the certdb folder on the computer where the DOORS database server is installed. The default location is C:\Program Files (x86)\IBM\Rational\DOORS\9.6\certdb.
    Important: You must copy the server_authentication* and client_authentication* files into the DOORS server installation directory (for dbadmin & dbsadmin). Therefore you must remove existing client_authentication.rdb file.
  6. Stop the DOORS database server.
  7. Open the registry and go to this location: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Telelogic\DOORS_Server\9.6\Config.
  8. Create the certName and set the value of the server certificate name as serverCertLabel in the batch file command.
  9. Set the following key values. Create the keys if they do not exist. The SERVERHOSTNAME value must match the database server name that you entered in the serverCertDN batch file command.
    Key Value
    secure on
    certname serverCertLabel
    SERVERHOSTNAME dbServerName
  10. Start the DOORS database server.
  11. Start the client with the following parameters: doors.exe -data 36677@dbServerName

Feedback