How to configure the Enterprise Dashboard and Portal to be secure and use our own keystore

Document ID : KB000100732
Last Modified Date : 17/10/2018
Show Technical Document Details
Introduction:
How to configure the Enterprise Dashboard and Portal to be secure and use our own keystore.
Instructions:
Here are the steps to configure the Enterprise Dashboard and the Portal URLs to response to HTTPS requests. 

For the Enterprise Dashboard:  
To configure the Enterprise Dashboard to use HTTPS, create the dradis.properties file by copying the template _dradis.properties file to dradis.properties, and uncomment the following property:
dradis.webserver.https.enabled=true  

We now need to configure the Registry to know that the Enterprise Dashboard is using HTTPS.
Uncomment the following property in the site.properties or add it to the local.properties file:
devtest.enterprisedashboard.https.enabled=true

For the Portal:
If you don't have it already, create the phoenix.properties file, by copying the template _phoenix.properties file to phoenix.properties, and uncomment the following properties:
registry.https.enabled=true
phoenix.https.enabled=true

The properties above will enable HTTPS to your Enterprise Dashboard and Portal using the self-signed keystores delivered with DevTest.

To configure your own keystore with the Enterprise Dashboard, please place your keystore (JKS) under $DEVTEST_HOME and enable the following properties in the dradis.properties:
dradis.webserver.ssl.keystore.location=your_keystore_name.jks
dradis.webserver.ssl.keystore.password=keystore_password
dradis.webserver.ssl.keymanager.password=usually the same as keystore password.
Save the dradis.properties file.

To configure your own keystore with the Portal, enable the following properties in the phoenix.properties file:
phoenix.ssl.keystore=your_keystore_path/keystore_name.jks
phoenix.ssl.keystore.password=keystore_password
phoenix.ssl.keymanager.password=usually the same as keystore password.
Save the phoenix.properties file.
Restart the Enterprise Dashboard and the Portal Services.

If you are using a self-signed certificate or a key that is not issued to your servers, you might see some warning messages in the browser.
To not see these warn messages, the key inside your keystore needs to be issued by a trusted Certification Authority (CA) and the Common Name (CN) needs to match with the address you are using to reach the server. If you are using EnterpriseDashboardServer.domain, the common name needs to be EnterpriseDashboardServer.domain. You can also add additional names to the key using the Subject Alternative Name (SAN).

If you have questions regarding how to generate a trusted keystore issued to your servers, please contact your internal team. The keystore is not provided by CA Support.