How to implement HTTPS for JCP

Document ID : KB000094420
Last Modified Date : 17/05/2018
Show Technical Document Details
Introduction:

Java Communication Process

The Java Communication Process (JCP) is a special kind of communication process. Implemented in Java, it is used to host special services such as the AE REST web services.

  • The AE REST API is an easy consumable and standardized API for developers. It provides an interface for third party applications to interact with the Automation Engine and allows the user to target it not only from Java, but from many programming languages.
  • The AE REST API has a dedicated Java Communication Process (JCP) to handle the REST calls and currently supports the execution and monitoring of executions as well as the Advanced Object Search.
JCP can be connect via HTTP or HTTPS 
Environment:
- Any OS that Automation Engine support.
- Automation Engine 12.1 and above.
Instructions:

I - Adding the certificates

1/ Go to C:\Program Files\Java\jdk1.8.0_144\bin
2/ Open CMD and Issue this command: keytool -keystore keystore -alias jetty -genkey -keyalg RSA
3/ Type in 2 password and other required information.

=> The generated keystore file will be located in C:\Program Files\Java\jdk1.8.0_144\bin. You can move it to anywhere you want. 

For additional information as well as information on adding certificates see https://www.eclipse.org/jetty/documentation/9.4.x/configuring-ssl.html.

II - Update parameter in the Automation Engine configuration file​ (ucsrv.ini)

In the [REST] section, 

sslEnabled=1
keystore=C:\Program Files\Java\jdk1.8.0_144\bin\keystore (wherever you keep this keystore file)
keystorePassword=changeit (the password that you typed in step I - 3 ) 
keyPassword=changeit (the password that you typed in step I - 3 )

III - Start JCP as normal

+ Start the JCP via the command line:

java -Xmx512M -jar ucsrvjp.jar -IC:\temp\ucsrv.ini -rest

The file "ucsrvjp.jar" is provided in the same directory as the other Automation Engine files. It is used exclusively to start the JWP and JCP.

+ The JCP can also be started via ServiceManager:

java -Xmx512M -jar ucsrvjp.jar -Iucsrv.ini -svc%port% -rest

 

Additional Information:
Verify the implement HTTPS for JCP:

In JCP log file, it should generate some log as below:

20180504/102520.471 -           Jetty: Enabled Protocols [SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2] of [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]
20180504/102520.533 -           Jetty: Started SslSocketConnector@0.0.0.0:8088