Information related to Business Service Insight integration with Process Automation

Document ID : KB000048049
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Is it possible to integrate CA Business Service Insight with Process Automation and what are the considerations.

Solution:

CA Business Service Insight integration with Process Automation is possible.

In order to integrate Business Service Insight with PAM, CA provides customized SOAP call PAM operators that are based on the CA Business Service Insight Open API.

Following points should be considered while performing integration.

Both BSI and PAM use fair amount of CPU, Memory, and Disk space so ideally they should be hosted on separate servers.

Both applications use Tomcat which means only one of the applications can use the default port (8080) , so the other application should be configured to use a different port in situations where it is necessary to host them on same server.

Note: This document is created after testing PAM 4.2 integration with Business Service Insight 8.2.5

To allow this integration to work it is mandatory to perform the following steps that are listed on the chapter 5 'Configure CA BSI Web site for PAM' of CA Business Service Insight Software Development Kit- Reference guide (Page no 334-339).

Add basicHttpBinding for SSL

Add basicHttpBinding for SSL to the Web configuration file by uncommenting the basicHttpBinding block in the Web.config file.

Follow these steps:

  1. Open the file: "C:\inetpub\wwwroot\Oblicore\API\Web.config".

  2. Go to the Bindings section "//configuration/system.serviceModel/bindings".

  3. Uncomment the elements: <basicHttpBinding> in the section <basicHttpBinding>. The result is shown in the following lines.

    <basicHttpBinding>
    <binding name="UsernameAndPasswordForSoap">
    <security mode="TransportWithMessageCredential">
    <transport clientCredentialType="None"/>
    <message clientCredentialType="UserName"/>
    </security>
    </binding>
    </basicHttpBinding>   
     Enable httpsGetEnabled 


  4. Enable httpsGetEnabled in the Web configuration file by uncommenting and commenting different serviceMetadata elements in the Web.config file.

Enable httpsGetEnabled

Follow these steps:

  1. Go to the "behavior" elements in the <behaviors> block of the Web.config file.

  2. Uncomment the serviceMetadata tag with the attribute named httpsGetEnabled, as shown here.

    <behavior name="SecureTransport">
    <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/> 


    Note: There are two services in this serviceMetadata tag.

  3. Next, comment the serviceMetadata tag with the httpGetEnable attribute as shown here:

    <behavior name="SecureTransport">
    <!--<serviceMetadata httpGetEnabled="true"/> --> 


    Note: There is one service in this serviceMetadata tag.

Add endpoints for services

For each service, add https endpoints by uncommenting the httpsBinding endpoint in the Web.config file.

Follow these steps:

  1. Go to the desired "service" block in the in the <services> block. For each service, uncomment the httpsBinding endpoint for mex and the basicHttpBinding endpoint for contract.

Note: The text doing the commenting is:


 <!--"https configuration for ITPAM integration"
 ....     
 --> 

Example:

This is a service before addition of https endpoints:


<service name="Oblicore.API.Implementations.Contract"  behaviorConfiguration="SecureTransport">
<endpoint  
 address="mex" 
 binding="mexHttpBinding" 
 contract="IMetadataExchange"/>
<endpoint 
 contract="Oblicore.API.Interfaces.IContract" 
 binding="wsHttpBinding" 
 bindingConfiguration="UsernameAndPassword"/> 
 This is the same service after unblocking the https endpoints (the commented elements are removed): 
 <service name="Oblicore.API.Implementations.Contract"
 	behaviorConfiguration="SecureTransport">
<endpoint
 address="mex"
 	binding="mexHttpBinding"
 	contract="IMetadataExchange"/>
<endpoint
 contract="Oblicore.API.Interfaces.IContract"
 	binding="wsHttpBinding"
 	bindingConfiguration="UsernameAndPassword"/>
<endpoint
 address="mex"
 	binding="mexHttpsBinding"
 	bindingConfiguration=""
 	name="mexHttpsBindingEndpoint"
 	contract="IMetadataExchange" />
<endpoint
 contract="Oblicore.API.Interfaces.IContract"
 	binding="basicHttpBinding"
 	bindingConfiguration="UsernameAndPasswordForSoap"/>
</service>

Configure the SSL connection

This section explains how to configure SSL connections for IIS.

Create a Self-signed Certificate for SSL

This section explains how to create a Self-signed Certificate for SSL.

Follow these steps:

  1. Select the server node in the treeview and double click the "Server Certificates" icon in the listview:

  2. In the "Actions" pane, click "Create Self-Signed Certificate".

    The Server Certificates dialog displays.

  3. Select the option "Create Self-Signed Certificate" and name it.

Add HTTPs Binding for IIS

This section explains how to add HTTPS binding for IIS.

Follow these steps:

  1. Open IIS Manager.

  2. In the Connections pane, expand the "Sites" node in the tree, and click "Default Web Site".

    The Actions pane displays.

  3. Click Edit Bindings.

    The Site Bindings dialog displays.

  4. Click the Add button.

    The Add Site Binding dialog box displays.

  5. Enter the correct values in the following fields:

    1. Type: Select "https".

    2. IP address: Select the default (All Unassigned).

    3. Port: Select the default (443).

    4. SSL certificate: Select the self-signed certificate for SSL that you created earlier.

Add HTTPs Binding for IIS

This section explains how to add HTTPS binding for IIS.

Follow these steps:

  1. Open IIS Manager.

  2. In the Connections pane, expand the "Sites" node in the tree, and click "Default Web Site".

    The Actions pane displays.

  3. Click Edit Bindings.

    The Site Bindings dialog displays.

  4. Click the Add button.

    The Add Site Binding dialog box displays.

  5. Enter the correct values in the following fields:

    1. Type: Select "https".

    2. IP address: Select the default (All Unassigned).

    3. Port: Select the default (443).

    4. SSL certificate: Select the self-signed certificate for SSL that you created earlier.

SSL Settings

This section explains how to enable SSL Settings.

Follow these steps:

  • To enable http and https to visit BSI services, on both the site level and the API level, do not check "Require SSL" check box under SSL Settings.

Verify Certificate

Verify that the Open API certificate exists on your CA Business Service Insight Web server.

Follow these steps:

  1. Open the web configuration file (Web.config) to locate the ServiceCertificate defined there.

Example:

<serviceCertificate findValue="CN=Oblicore" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectDistinguishedName" /> 

The certificate name in the Web.config file is "Oblicore". You must verify that an Oblicore certificate exists on the web and Therefore an "Oblicore" certificate exists on the CA Business Service Insight Web server.

  1. Open a Command Prompt window.

  2. Type mmc and press the ENTER key.

    The command console displays.

  3. On the File menu, click Add/Remove Snap In

    The Add or Remove Snap-ins dialog displays.

  4. Click Add.

  5. In the Add Standalone Snap-in dialog box, select Certificates.

  6. Click Add.

  7. In the Certificates snap-in dialog box, select Computer account and click Next.

    1. Or, you can select My User account or Service account.

  8. In the Select Computer dialog box, click Finish.

  9. In the Add Standalone Snap-in dialog box, click Close.

  10. On the Add/Remove Snap-in dialog box, click OK.

  11. In the Console Root window, click Certificates (Local Computer) to view the certificate stores for the computer.

  12. If there is no X.509 certificate for Open API, purchase an X.509 certificate and install it to the BSI Web Server machine.

  13. Restart the web site.

    1. Use "iisreset" command, or restart the IIS service in IIS manager).

    2. From the Start menu, click Run.

    3. In the Open box, type cmd, and click OK.

    4. At the command prompt, type iisreset /stop. IIS will attempt to stop all services and will return confirmation once all services have been stopped.

    5. At the command prompt, type iisreset /start.

IIS restarts.

Now the integration can be tested by running operators through PAM or invoking SOAP requests through SOAPUI.