Verifying that the DOORS certificate keys are up to date

Security authorization requires up-to-date certificate keys. You can verify the expiration date of the evaluation certificates that are installed with IBM® Engineering Requirements Management DOORS® (DOORS).

About this task

DOORS provides a set of evaluation certificates that you can use to validate secure connections for your security model.
Important: Do not use the sample certificates for secure connections in production environments.

To use the certificates that come with DOORS:

  • Set the database server host name to IBMEDSERV
  • Set DOORS clients to connect to IBMEDSERV

    When you start the database server and client software for other certificates, use the -keydb and -certName parameters.

Procedure

To validate that the evaluation certificates are not expired, use the GSKit function:

  1. To set the path, enter the path command for your environment: PATH=%PATH%;C:\Program Files (x86)\IBM\gsk8\bin;C:\Program Files (x86)\IBM\gsk8\lib
  2. To identify the client certificate expiration, enter this command: gsk8capicmd -cert -list -db "<DOORS_install_dir>\certdb\client_authentication.kdb" -pw cli123 -expiry
  3. To identify the server certificate expiration, enter this command: gsk8capicmd -cert -list -db "<DOORS_install_dir>\certdb\server_authentication.kdb" -pw ser123 -expiry

Feedback