Profile picture for user tcaro

Hello

We have a requirement to operate the communication to Business Publisher 9.7 web exports with encryption

We currently use http://<servername>:<port>/businesspublisher  and want to switch to https://<servername>:<port>/businesspublisher

Is it just a matter of installing a certificate in the ARIS Cloud Controler load balancer?  [we do not use LDAP]. 

Do we need any customization in the webappserver.cfg ?

Thanks for any help !

by Thierry Caro Author
Posted on Tue, 02/17/2015 - 16:32

Update:  Publisher SSL is not set at the webappserver.cfg level.

I had no good results setting up the encryption at the Apache level (mod_ssl.so), because Publisher is a Tomcat app.  

SSL can be implemented in the Tomcat layer, based upon a certificate.  It is recommended to get a certificate from a Certificate Authority (CA), authorized for your company.  Before doing this, SSL can be tested using a self-titled certificate (a pair of public and private key), which can be generated using the keytool ORACLE Java JDK utility. The resulting .keystore should be referenced in the Tomcat's server.xml with either the openSSL method or the JSSE (Java Secure Socket Extension) method.  With JSSE, in my configuration, I updated the SSL Connector port "8443" to use the certificate like below:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" keystoreFile="<pathtothecertificate>\.keystore" keystorePass="<pass>" clientAuth="false" sslProtocol="TLS" />

The keytool command was:

keytool.exe -genkey -alias tomcat -keyalg RSA -storepass <pass> -keypass <pass> -keystore .keystore

The same method also works for implementing SSL for the Publisher 7.

Hope this helps,  Best regards to all.

 

 

0

Featured achievement

Rookie
Say hello to the ARIS Community! Personalize your community experience by following forums or tags, liking a post or uploading a profile picture.
Recent Unlocks

Leaderboard

|
icon-arrow-down icon-arrow-cerulean-left icon-arrow-cerulean-right icon-arrow-down icon-arrow-left icon-arrow-right icon-arrow icon-back icon-close icon-comments icon-correct-answer icon-tick icon-download icon-facebook icon-flag icon-google-plus icon-hamburger icon-in icon-info icon-instagram icon-login-true icon-login icon-mail-notification icon-mail icon-mortarboard icon-newsletter icon-notification icon-pinterest icon-plus icon-rss icon-search icon-share icon-shield icon-snapchat icon-star icon-tutorials icon-twitter icon-universities icon-videos icon-views icon-whatsapp icon-xing icon-youtube icon-jobs icon-heart icon-heart2 aris-express bpm-glossary help-intro help-design Process_Mining_Icon help-publishing help-administration help-dashboarding help-archive help-risk icon-knowledge icon-question icon-events icon-message icon-more icon-pencil forum-icon icon-lock