Configuring RSA key exchange
RSA is a public key encryption algorithm that uses separate keys for encryption and decryption. You may want to use RSA key exchange if your organization stores sensitive information in Helix ALM and users log in using a username and password from client applications outside of your network.
If you use RSA key exchange, a public key fingerprint must be imported to all client applications that connect to the Helix ALM Server.
1. Click Server Options.
The
2.
3. Select Encrypt communication between clients and the server and Use RSA key exchange.
A public key is generated on the Helix ALM Server. The Fingerprint field displays the public key fingerprint, which is a short version of the public key. Public and private keys are stored in the rsakeys directory in the Helix ALM application directory on the server computer. To keep these key files secure, make sure only the user that runs the Helix ALM Server has read and modify access to them.
If you clear the Use RSA key exchange option, you are prompted that all users will need to modify their server settings. Click OK if you no longer want to use RSA. Make sure the public key fingerprint is removed from server connection settings in desktop clients and server settings in the Helix ALM Registry Utility for web clients.
4. Click Download Public Key to save an XML file that contains the Helix ALM Server address, port number, and public key fingerprint.
This file must be distributed to users so they can import it to clients that connect to the server. Make sure the file is securely stored and only administrative users have access to modify it. If a hacker has unauthorized access to the file, changes it, and it is imported to clients, your installation could be hacked.
5. Click Save to save the changes.
6. Import the server settings file to Helix ALM clients or CGIs that connect to the server.
- Helix ALM Client and add-ins—See the Helix ALM help.
- Helix ALM web clients—See the Registry Utility help.