This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.
Remedy AR System Server
AR System Mid Tier
BMC Remedy Mid-tier Apache Tomcat
How to enable SSL/HTTPS on Tomcat servers
How to import certificate in web server.
How to configure midtier with SSL certificate
Web application security feature
The configuration to enable SSL (https) done at the web server level. Remedy components only use the webserver SSL infrastructure but Remedy components don't contain code that modifies or configures SSL
The configuration is a property of the Web Server in use. To set it up properly, check the documentation of the vendor of the web server (eg tomcat), also if a load balancer is in use ssl certificates may be required at that level too
Take into consideration that part of this configuration requires the involvement of IT security staff as the certificates must be signed by a valid certificate authority either inside or outside your organization. In either option a Certificate Authority needs to sign the certificate that will be installed on tomcat like https://www.digicert.com/ssl/ <https://www.digicert.com/ssl/>, letsencrypt.org or others.
There are two parts of this configuration, having a valid certificate for the web server and setting the certificate in the web server configuration. For the first part (gathering a signed certificate) we only can make suggestions or provide standard java tools to verify certificate validity. Please verify how a certificate is created and signed according to your organization policies.
For the second part vendors such as tomcat publish its own documentation
Here is vendor information on setting up SSL for a Tomcat webserver:
Resolution of issues related to SSL setup may require the involvement of your webserver expert.
Organizations such as https://wiki.owasp.org/index.php/Securing_tomcat provide additional security settings that may be valuable for your scenario
By default tomcat would store plain text passwords on server.xml file.