How to change adminui/wamui SSL port number

Document ID : KB000039421
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction: 

How to change adminui SSL port number

Background:  

This is very common scenario, where we would like the adminui to listen on a different SSL port number rather than the default SSL port# 8443

Environment:  

Windows, Linux & Unix 

Instructions: 

1. Stop the adminui service/process

2. Update the SSL 8443 port# within the (bindings-jboss-beans.xml) file, which can be found at <adminui_home>\server\default\conf\bindingservice.beans\META-INF directory.

Change below two entries a & b:-
a) <xsl:template match="Connector[@SSLEnabled='true' and @port = '8443']">

b) <entry>
<key>httpsPort</key>
<value>8443</value>
</entry>

3. Update the SSL 8443 port# within the (server.xml) file, which can be found at <adminui_home>\server\default\deploy\jbossweb.sar directory.

Change below two entries a & b:-

a) <Connector URIEncoding="UTF-8" acceptCount="100" address="${jboss.bind.address}" connectionTimeout="20000" emptySessionPath="true" enableLookups="false" maxHttpHeaderSize="10240" maxPostSize="0" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>

b) <Connector SSLEnabled="true" URIEncoding="UTF-8" acceptCount="100" address="${jboss.bind.address}" ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA" connectionTimeout="20000" emptySessionPath="true" enableLookups="true" keyAlias="tomcat" keystoreFile="jsse.keystore" keystorePass="changeit" keystoreType="jks" maxHttpHeaderSize="10240" maxPostSize="0" maxSpareThreads="75" minSpareThreads="5" port="8443" protocol="HTTP/1.1" scheme="https" secure="true"/>

4. Go to <adminui_home>\server\default folder and rename (or) delete "data" folder.

Note:- On restart of the adminui service, a new "data" folder will be created.

5. Start the adminui service.

6. Re-register adminui with the policy server. To re-register, execute command

"XPSRegClient <super user> -adminui-setup" Make sure this is command is executed successfully.

7. Type in the adminui URL with the NEW port number in the browser 

For example:- if you are using port 8449 as your new port number then the URL should be:-

https://<server-fqdn>:8449/iam/siteminder/adminui

8. Login

  • Above steps are applicable only if you are using embedded JBOSS application server provided along with CA SSO Administrative UI Binary.

 

  • If you are using other application server (like weblogic and websphere) please refer to the respective vendor documentation.