Remedy AR System Mid Tier - Enable SSL/HTTPS on Tomcat servers

Version 2
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Remedy AR System Server


    COMPONENT:

    AR System Mid Tier


    APPLIES TO:

    BMC Remedy Mid-tier Apache Tomcat



    PROBLEM:

     

    How to enable SSL/HTTPS on Tomcat servers

    How to import certificate in web server.

    How to configure midtier with SSL certificate

     


    CAUSE:

    Web application security feature


    SOLUTION:

     

    The configuration to enable SSL (https)   done at the web server level. Remedy components only use the webserver SSL infrastructure but Remedy components don't contain code that modifies or configures SSL

    The configuration is a property of the Web Server in use.  To set it up properly, check the documentation of the vendor of the web server (eg tomcat), also if a load balancer is in use ssl certificates may be required at that level too

    Take into consideration that part of this configuration requires the involvement of IT security staff as the certificates must be signed by a valid certificate authority either inside or outside your organization.  In either option a Certificate Authority needs to sign the certificate that will be installed on tomcat like https://www.digicert.com/ssl/ <https://www.digicert.com/ssl/>, letsencrypt.org or others.

    There are two parts of this configuration, having a valid certificate for the web server and setting the certificate in the web server configuration. For the first part (gathering a signed certificate) we only can make suggestions or provide standard java tools to verify certificate validity. Please verify how a certificate is created and signed according to your organization policies. 

    For the second part vendors such as tomcat publish its own documentation 

    Here is vendor information on setting up SSL for a Tomcat webserver:
    http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html
    http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
    http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
    http://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html

    Resolution of issues related to SSL setup may require the involvement of your webserver expert.

    Organizations such as https://wiki.owasp.org/index.php/Securing_tomcat provide additional security settings that may be valuable for your scenario

    By default tomcat would store plain text passwords on server.xml file. 

     


    Article Number:

    000288208


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles