Hello
We have a requirement to operate the communication to Business Publisher 9.7 web exports with encryption.
We currently use http://<servername>:<port>/businesspublisher and want to switch to https://<servername>:<port>/businesspublisher
Is it just a matter of installing a certificate in the ARIS Cloud Controler load balancer? [we do not use LDAP].
Do we need any customization in the webappserver.cfg ?
Thanks for any help !
Update: Publisher SSL is not set at the webappserver.cfg level.
I had no good results setting up the encryption at the Apache level (mod_ssl.so), because Publisher is a Tomcat app.
SSL can be implemented in the Tomcat layer, based upon a certificate. It is recommended to get a certificate from a Certificate Authority (CA), authorized for your company. Before doing this, SSL can be tested using a self-titled certificate (a pair of public and private key), which can be generated using the keytool ORACLE Java JDK utility. The resulting .keystore should be referenced in the Tomcat's server.xml with either the openSSL method or the JSSE (Java Secure Socket Extension) method. With JSSE, in my configuration, I updated the SSL Connector port "8443" to use the certificate like below:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" keystoreFile="<pathtothecertificate>\.keystore" keystorePass="<pass>" clientAuth="false" sslProtocol="TLS" />
The keytool command was:
keytool.exe -genkey -alias tomcat -keyalg RSA -storepass <pass> -keypass <pass> -keystore .keystore
The same method also works for implementing SSL for the Publisher 7.
Hope this helps, Best regards to all.