I would like to make a secure REST call to our internal system from TM. Then I need to upload our keystore to TM and it can be loaded by Groovy, but seem no way I can't find a way to do it. Pls help if any recommended, thanks.
One method could be to use a Transact SSO Security Manager instance to hold the keystore for you. SSO Security Managers allow you to configure certificates, keystores and the security credentials that may be required to access these.
See the 'Security Managers' option located under the 'Security' menu:
The advantage of this approach is that there is built in functionality to manage keystore passwords and certificate alias etc.
Security Manager definitions can be accessed via Groovy script as follows:
// load security credentials
SecurityManager manager = DaoFactory.getSecurityManagerDao().getSecurityManagerForName(securityMgrName)
byte ssoKeystoreData = manager.getSsoKeystoreData()
String ssoKeystorePassword = manager.getSsoKeystorePassword()
byte ssoValidatorCertData = manager.getSsoValidatorCertData()
An alternative could be to use Form Space or Organisation properties (data type: image, data type: password) to achieve something similar.
Hope this helps,
I would like to ask which instance will store the keystore which I uploaded, in TM itself? or KMS of AWS, or any other place else? Thanks.
Thanks so much. I take your approach to make use of Security Manager to hold the keystore. It's work. =)