How to Configure the Secure Socket on the OneClick Web Server Host (Legacy KB ID CNC TS30292 )

Document ID : KB000052093
Last Modified Date : 14/02/2018
Show Technical Document Details


1.Shutdown the OneClick web server. See Start and Stop the OneClick Web Server on page 2.

2.Open <$SPECROOT>/tomcat/conf/server.xml in a text editor.

3.Locate the following section in the server.xml file:

<!-- Define a SSL Coyote HTTP/1.1 Connector on port 443 -->

<!--

<Connector


port="443" minProcessors="5" maxProcessors="75"


enableLookups="true" disableUploadTimeout="true"


acceptCount="100" debug="0" scheme="https" secure="true"

clientAuth="false" sslProtocol="TLS"

keystoreFile="<SPECROOT>/custom/keystore/cacerts"

keystorePass="changeit">

</Connector>

-->


By default the <Connector> element in the section is commented out.


The preceding XML fragment is Windows-specific, as it specifies 443 as the default port on which the OneClick web server listens for SSL communication. End users can omit the port from the URL for accessing the OneClick home page:



https://<fully_qualified_host_name>/spectrum



On a UNIX-based installation, the OneClick web server is not run as root, and the default port is 8443 (because it must be greater than 1024). As a result, end users must specify the port number in the web browser when they enter the URL to access the OneClick home page:



https://<fully_qualified_host_name>:8443/spectrum



4.Remove the comments around the Connector definition by doing the following:



a.Remove "<!--" from the line above <Connector.



b.Remove "-->" from the end of the section (after </Connector>).



5.Replace the <SPECROOT> variable in the value for the keystoreFile attribute with the fully qualified path to the directory in which SPECTRUM is installed. This is the same cacerts file that was used for the keytool commands to generate the certificates. The following are examples:



(Windows) C:/win32app/SPECTRUM/custom/keystore/cacerts



(UNIX) /usr/SPECTRUM/custom/keystore/cacerts



6.Save and close the server.xml file.



7.Start the OneClick web server. See Start and Stop the OneClick Web Server on page 2.


Additional details on configuring OneClick and SSL, as well as documentation for additional configuration parameters, are available on the OneClick web server at /tomcat-docs/ssl-howto.html">http://<hostname>/tomcat-docs/ssl-howto.html.

.

Related Issues/Questions:
How to Configure the Secure Socket on the OneClick Web Server Host

Problem Environment:
SPECTRUM OneClick

Additional Information:
For more information, on this procedure please refer to the OneClick Administration Guide Document Number 5166


(Legacy KB ID CNC TS30292 )