Archived Content: This information is no longer maintained and is provided "as is" for your convenience.
Summary
Question
It is not possible to connect to Autopass 10.7 from a machine with UFT 14.0x or previous by default. In order to be able to connect to Autopass 10.7 from a UFT 14.0x machine some changes need to be done in UFT machine.
Answer
AutopassNClient 9.X (Autopass Libraries using by prior UFT 14.50 versions – 14.01,14.02 and 14.03) cannot connect Autopass License server 10.7 version because of certificate change (earlier we use Built-in HP certificate used by Autopass Server but due to organizational changes from HPE to MicroFocus and as per security standard we removed the existing certificate and using self-signed certificate).
The Autopass License Server is a web server based on Tomcat. The installed certificate (setup automatically at installation of software) can be changed as any other Tomcat based web server. For more information about updating server's certificate configuration, see Tomcat's documentation: https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html
Workaround for using existing/previous APLS certificate
IMPORTANT:
Note: HP certificate is no longer supported by MicroFocus and will not be packaged OR made available for download. Micro Focus strongly recommends the organization to configure their company approved certificate. The following steps are provided as work around and MicroFocus is not responsible for continuous use of HP certificate.
-
To retain older certificate and before uninstall previous version of APLS:
Please take a backup of the java key store (*.jks) file from the following Windows folder path or the Linux folder path,
Windows Installation Path
For APLS version <= 10.5.0, key store found in installation path is,
“C:\Program Files\HP\HP AutoPass License Server\HP AutoPass License Server\HP AutoPass License Server\conf\keystore.jks”
For APLS version > 10.5.0, key store found in installation path is
“C:\Program Files\autopass\apls\apls\conf\keystore.jks”
Linux Installation Path
For APLS version <= 10.5.0, key store found in installation path is,
“/opt/HP/HP AutoPass License Server/HP AutoPass License Server/HP AutoPass License Server/conf/keystore.jks”
For APLS version > 10.5.0, key store found in installation path is
“/opt/autopass/apls/apls/conf/keystore.jks”
-
Uninstallation of the older version
Once you have a backup of the keystore.jks (previous step), please uninstall the older version of APLS.
Any issues on uninstalling the AutoPass License Server from Control Panel->Programs->Programs and Features, try the following options,
- Use the original setup.exe or setup.bin to uninstall the application
- OR
(2.a) Stop the APLS service
(2.b)Delete the
(2.c) delete ZeroGRegistry XML file (for windows the path is C:\Program Files and for Linux, the path is /var/.com.zerog.registry.xml)
(2.d) Use the SC command to delete the APLS service.
In Windows, the command to delete the service is as follows.
SC DELETE aplsLicSrv
In Linux, the command to delete the service is as follows.
systemctl stop [aplsLicSrv]
-
Install and merge the backed up keystore.jks with the new keystore.jks
Install the latest version APLS 10.7.0 and above. Once installation is successful, please do the following
Open command prompt or Linux console and change directory to the following path (based on the operating system – windows or Linux)
Windows JRE path
cd C:\Program Files\autopass\jre\jre\bin
Linux JRE path
cd “/opt/autopass/jre/jre/bin”
Now run the following command:
keytool -importkeystore -srckeystore <backup_foler_path>/keystore.jks -destkeystore <installation_path>/keystore.jks -srcstorepass autopass -deststorepass Na1@Rp$ -srckeypass autopass -destkeypass "Na1@Rp$" -alias "hp_cert" -noprompt
Term explanation:
< backup_foler_path> is the folder path where you have taken the backup of the keystore.jks
<installation_path> is either “C:\Program Files\autopass\apls\apls\conf\” (for windows) or “/opt/autopass/apls/apls/conf/” (for linux)
- Update server.xml
Edit the server.xml, which can be either found in “C:\Program Files\autopass\apls\apls\conf\” (for windows) or “/opt/autopass/apls/apls/conf/” (for linux) and update the following section with highlighted value.
<Connector executor="tomcatThreadPool" namePrefix="catalina-exec-" protocol="org.apache.coyote.http11.Http11NioProtocol" port="5814" maxThreads="1000" maxIdleTime="300000" minSpareThreads="25" tcpNoDelay="true" enableLookups="false" maxConnections="100000" SSLEnabled="true" scheme="https" secure="true" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2" compression="on" compressionMinSize="128" compressableMimeType="text/html, text/xml,text/plain,text/javascript,text/css," keystoreFile="C:\Program Files\autopass/apls/apls/conf/keystore.jks" keystorePass="Na1@Rp$" keyAlias="hp_cert" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA" clientAuth="false" connectionTimeout="300000" keepAliveTimeout="300000" server="AutoPass License Server"/> |
-
Restart the service
You need to restart the service for the above changes to take place.
In windows, run the services.msc. Find “AutoPass License Server” service and restart the service.
In Linux, run the command - “service hpLicenseServer restart”