3 Replies Latest reply on Dec 28, 2017 6:11 AM by Ricky .

    SSL Protocol for Smart Reporting

    Ricky .

      Hi All,

       

      I got issue while i tried to config the SSL for smart reporting.

       

      <!--  -->

          <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"

                     maxThreads="150" SSLEnabled="true">

              <SSLHostConfig>

                  <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"

                               type="RSA" />

              </SSLHostConfig>

          </Connector>

          

          <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2

               This connector uses the APR/native implementation. When using the

               APR/native implementation or the OpenSSL engine with NIO or NIO2 then

               the OpenSSL configuration attributes must be used.

          -->

          <!--   -->

          <Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol"

                     maxThreads="150" SSLEnabled="true" >

              <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />

              <SSLHostConfig>

                  <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"

                               certificateFile="conf/localhost-rsa-cert.pem"

                               certificateChainFile="conf/localhost-rsa-chain.pem"

                               type="RSA" />

              </SSLHostConfig>

          </Connector>

       

      There are 2 connector protocol in the server.xml, i tried uncomment each of the protocol and then tried to access the https://localhost:8443 or https:localhost:443 in the host but the IE browser keeps loading and show nothing.

      Which protocol i should used to enabled the HTTPS access for the smart reporting? I just need to make sure the SSL smart reporting is accessible with private key entry.

       

       

      Please advice.

       

      Regards,

      Ricky

        • 1. Re: SSL Protocol for Smart Reporting
          Carl Wilson

          Hi,

          you can use either, 443 is the standard SSL port where you do not need to provide the port in the link.

           

          e.g. https://myserver.com/

           

          If using 8443, you will need to provide the port in the link.

           

          e.g. https://myserver.com:8443/

           

          For SSL to work correctly, you need to have the associated keys and certificates all available to Tomcat for the certificate to be served up correctly, then define the location for the file containing the SSL information.  The below example shows a default keystore of ".keystore".

          If the keystore only has one certificate, you don't need to define the alias to use, but if there are multiple certificates you need to tell Tomcat what certificate to use in the keystore.

           

          Example:

           

          <!-- Define a SSL Coyote HTTP/1.1 Connector on port 443 -->
          <Connector
            protocol="org.apache.coyote.http11.Http11NioProtocol"
            port="443" maxThreads="200"
            scheme="https" secure="true" SSLEnabled="true"
            keystoreFile="${user.home}/.keystore" keystorePass="changeit"
            clientAuth="false" sslProtocol="TLS"/>

           

          Dependent on how you have the keys and certificates stored will determine how you configure the connector to access the SSL information.

           

          Apache Tomcat 8 (8.0.48) - SSL/TLS Configuration HOW-TO

           

          Cheers

          Carl

          • 2. Re: SSL Protocol for Smart Reporting
            Ravindrakumar Rodge

            You can figure out the tomcat that is used by the Smart Reporting Application.

            - In my system my SmartReporting is making use of below tomcat location

            C:\Program Files\BMC Software\ARSystem\SmartReporting\appserver\conf

            - Edit the server.xml file and modify below for SmartReporting to work with SSL.

             

            - Restart the tomcat Services used by SmartReporting and then try accessing the SmartReporting URL with port 8443.

             

            Regards,

            Ravi

            • 3. Re: SSL Protocol for Smart Reporting
              Ricky .

              Hi All,

               

              Thanks for the reply.

               

              Finally it's resolved.

              In the AR Server 9.1 we need to adjust the connector for tomcat version 8.5.6 since the oob connector in the server.xml provide the connector for apache tomcat 7.0.

               

              Regards,