openssl s_client -connect [SD Elements or Issue Tracker URL]:443 <<<'' | openssl x509 -out /tmp/cacert.pem
Troubleshooting
If a user has the proper project permissions, any errors that occur
while running integration steps will display in the web interface. More
information about integrating with third-party systems can be found by adding -d
(debug)
command-line arguments.
Trust a new TLS Certificate
Import a trusted CA certificate to the Windows Certificate Store by double-clicking it and following the Certificate Import Wizard.
-
Obtain a remote self-signed server certificate using openssl:
-
Manually add an SSL certificate into the system CA bundle by first determining your Linux distribution:
-
As a user for Centos/RHEL with sudo permissions, where your certificate exists as
/tmp/cacert.pem
:sudo cp /tmp/cacert.pem /etc/pki/ca-trust/source/anchors/ sudo update-ca-trust enable && sudo update-ca-trust extract
-
As a user for Ubuntu with sudo permissions, where your certificate exists as
/tmp/cacert.pem
:sudo apt-get install ca-certificates sudo cp /tmp/cacert.pem /usr/local/share/ca-certificates sudo update-ca-certificates --fresh
-
Disable TLS certification validation for integrations
If you are unable to install a custom certificate for the integration tool or wish to temporarily disable it for testing, follow the steps below to disable the verification check.
This can be configured in the setup wizard by toggling the corresponding option for issue tracker, verification tool, or LDAP. It can still be modified post-installation via the config.txt
file in the installation location.
Inside the config.txt
file, change the boolean value for the corresponding entry under the commands_params field from True to False.
Example config that disables all SSL validation certs:
[sdelements]
...
command_params={"issue_tracker_validate_cert":"False", "analysis_validate_cert":"False", "ldap_validate_cert":"False"}
You can modify RIA command to optionally include the argument --command_params
to specify which validation check to disable or modify the config file similar to Windows.
Example command to disable SSL verification check for issue trackers:
python sderic.py command_driver --sde_api_token=APIv2_CONNECTION_STRING --command_params='{"issue_tracker_validate_cert":"False"}'
Run a specific integration type for an Issue Tracker or scanner
The ##
value is a database ID. This value is not shown on the Web UI, but you can find it in the project connection links:
python sderic.py command_driver --filter_connections=alm-## --sde_api_token=APIv2_CONNECTION_STRING
-
Navigate to the SDE Project > Integration page to find a list of connections with a "Sync" button.
-
Click the button to start syncing the Tasks over to an Issue Tracker (such as Jira or Rally).
-
Examine the links of each connection. These links have a form similar to:
https://your.server.com/bunits/general/demo-application/demo-project/integration/issue-tracker/335
-
When you find the integration you want to run, examine its URL to ensure it is similar to the one above.
Connect through a proxy
The Remote Integration Console can normally detect when it should connect through a proxy server. In cases where it cannot, it is possible to manually configure it to do so.
-
Open "integrate.bat" in the application directory. By default it is located at:
C:\Users\YOUR-NAME\AppData\Local\Programs\SD Elements Remote Integration\integrate.bat
-
Add the proxy’s server and port to the top of the file:
SET https_proxy=http://someproxy.com:3128
-
Before calling the "python sderic.py" process, set the "https_proxy" environment variable to the proxy’s server and port:
export https_proxy=http://someproxy.com:3128
Note
|
Try HTTPS_PROXY if https_proxy does not give the desired behavior. If connecting over http to the server, replace https_proxy with http_proxy .
|
Bypass the proxy for certain hosts
When a proxy is configured, all connections flow through it. There are
situations when the Remote Integration Agent needs to connect through a proxy
to access SD Elements, but connect normally to an internal Issue Tracker server
(internal.alm.server
). In this case, set the no_proxy
environment variable.
-
Open "integrate.bat" in the application directory. By default, it is located here:
C:\Users\YOUR-NAME\AppData\Local\Programs\SD Elements Remote Integration\integrate.bat
-
Add the following line using your internal server name (FQDN or IP):
SET no_proxy=internal.alm.server
-
Before calling the "python sde.py" process, set the "no_proxy" environment variable and include your internal server name (FQDN or IP):
export no_proxy=internal.alm.server
Note
|
Try NO_PROXY if no_proxy does not give the desired behavior.
|
Tip
|
Add additional servers to the no_proxy setting by separating each FQDN or IP with a comma.
|