How to use JSSE implementation to enable SSL in CMEW when running it as standalone webserver

Document ID : KB000032437
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

CA Change Manager Enterprise Workbench (CMEW) is based on Apache Tomcat, how to use JSEE (Java runtime) implementation to enable SSL for CMEW when running it as standalone webserver ?

 

Answer:

First, create a keystore file on windows system to store server’s private key and self-signed certificate by running the following command:

"%JAVA_HOME%\bin\keytool" -genkeypair -alias tomcat -keyalg RSA   -keystore c:/tomcat.keystore –storepass changeit

 

You will be prompted for general information about this Certificate, such as company, contact name, and so on, press the ENTER key at the last prompt will automatically uses the same password for the key as the keystore.

Once the keystore file is successfully created, the next step is to edit Tomcat configuration file -$Tomcat_Home/conf/server.xml to enable SSL.

Here is example of connector element for SSL support using JSEE NIO implementation on Tomcat 7: 

connector.png

 

After finishing the configuration changes, restart Tomcat, you should be able to access CMEW supported by Tomcat via SSL. For example, try:

https://localhost:8443/ew