How do I configure Unicenter Asset Portfolio Management 11.3.4 to operate in a Secure Sockets Layer (SSL) environment?

Document ID : KB000025682
Last Modified Date : 14/02/2018
Show Technical Document Details

Question: 

How do I configure the Unicenter Asset Portfolio Management (UAPM) 11.3.4 product to operate in a Secure Socket Layer (SSL) environment?

Answer:

Configuring UAPM to operate with SSL involves creating a certificate, configuring IIS for SSL, and configuring UAPM for SSL.
Follow the detailed steps below. 

I.  Create a certificate

    You can create a temporary certificate or obtain a certificate from a certificate provider.  The steps below demonstrate how to create a temporary test certificate.

  1. Start -> All Programs -> Microsoft Visual Studio 2005 -> Visual Studio Tools -> Visual Studio 2005 Command Prompt
  2. Run the following command:  makecert -r -pe -n "CN=localhost" -b 01/01/2000 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12

Figure 1

 

II.  Configure IIS Web Site to use Secure Socket Layer (SSL) communication

    1. Open the IIS Management Console

      Figure 2

    2. Right click on Default Web Site and go to Properties

      Figure 3

      Note : SSL Port will be disabled if no certificates are registered

    3. Select the Directory Security tab

      Figure 4

    4. Click the Server Certificate button

      Figure 5

    5. Click Next

      Figure 6

    6. Choose Assign an existing certificate

      Figure 7

    7. Choose certificate with localhost in Issued To

    8. Click Next 

      Figure 8

    9. Click Next

      Figure 9

    10. Click Finish

    11. On the Default Web Site Properties dialog, select the Web Site tab
      The SSL Port should be enabled with the default port as 443

      Figure 10

    12. Click OK and exit the IIS Management Console



III.  Configure UAPM for SSL

1.  On the UAPM web server, edit the <drive>:\inetpub\wwwroot\APMWS\web.config file

     Add the following lines, anywhere inside the <appSettings> section, if they do not exist: 
           <add key="StateServicePath" value=""/>
          <add key="StatePortValue" value=""/>

Set these values to the same values found in the <drive:>\inetpub\wwwroot\APM\web.config file. 

Note:  The StateServicePath is only used in a web farm configuration so it may be blank. The important value is the StatePortValue.
Without the StatePortValue, the web services must lookup everything from the database every time a screen is accessed. 

2. Edit the <drive>:\inetpub\wwwroot\APM\web.config file.  Add the following lines AFTER the "StatePortValue" line and replace SERVERNAME with your actual UAPM web server name: 

     <add key="ApmWebServiceUrl" value="https://SERVERNAME/APMWS/uapm.asmx"/>
     <add key="SubGroupWebAppURL" value="https://SERVERNAME/APMWizard/Pages/SubGroup.aspx"/>
     <add key="ChangeAssetModelBaseURL" value="https://SERVERNAME/APMWizard/Pages/ ChangeAssetModel.aspx"/>
     <add key="MassChangeWebAppURL" value="https://SERVERNAME/APMWizard/Pages/Mass Change.aspx"/>

3.  Edit the <drive>:\inetpub\wwwroot\APMWIZARD\web.config file and add the following lines (anywhere within the <appSettings> section):
     <add key="ApmWebServiceUrl" value= "https://SERVERNAME/APMWS/uapm.asmx"/>

Note: Ensure that the \APM, \APMWizard and \APMWS virtual directories are secured by the same certificate.

4.  Save and close all the web.config files

5.  Restart IIS.  From a command prompt, enter:  IISRESET /noforce

6.  Launch the APM Web Client URL, and change the http:// to https:// to test