If your deployment requires the use of Secure Socket Layer (SSL), you need to perform the following steps before you launch the Dashboard with the https protocol:
The ssl-howto.html document in the BASEDIR/smarts/tomcat/webapps directory on your system provides detailed information. Or, access the document from the website: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html.
-
Prepare a "self-signed" certificate.
If you do not purchase a Certificate from a Certificate Authority, you can generate a Certificate.
For example:
java1.5_HOME> /bin/keytool.exe -genkey -alias tomcat -keyalg RSA - keystore testKeystore Enter keystore password: changeit What is your first and last name? [Unknown]: User Name What is the name of your organizational unit? [Unknown]: Engineering What is the name of your organization? [Unknown]: VMware Smart Assurance What is the name of your City or Locality? [Unknown]: White Plains What is the name of your State or Province? [Unknown]: NY What is the two-letter country code for this unit? [Unknown]: US Is CN=User Name, OU=Engineering, O=VMware Smart Assurance, L=White Plains, ST=NY, C=US correct? [no]: yes Enter key password for <tomcat> (RETURN if same as keystore password):<Return>
-
Configure Tomcat:
-
In the Tomcat home directory, back up the conf/server.xml file. Then, edit the file.
-
Find the SSL connector element which is commented out (<!-- commented out text -->):
<-- Define an SSL HTTP/1.1 Connector on port 8443 --> <!-- <Connector port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> -->
-
Uncomment the lines and edit them to include the keystore file that you created. The preceding will look like this:
<!-- Define an SSL HTTP/1.1 Connector on port 8443 --> <Connector port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" keystoreFile="C:\InCharge\SAM\smarts\tomcat\testKeystore" keystorePass="changeit" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />
-
Then comment out the non-SSL connector used for http, to look like this:
<!-- Define a non-SSL HTTP/1.1 Connector on the port specified during installation --> <!-- <Connector port="8080" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" debug="0" connectionTimeout="20000" disableUploadTimeout="true" /> -->
-
If the com.smarts.layoutServlet property is defined, ensure that the dashboard.properties and webconsole.properties point to the correct URL so that the maps lay out properly:
com.smarts.layoutServlet="https://localhost:8443/tss/ LayoutServer"
-
Start the Tomcat engine using the following command:
./sm_service start ic-business-dashboard
-
In the URL that will launch the web application, replace:
http://localhost:8080/ https://localhost:8443/
-
Launch the Dashboard by typing the following URL in the browser's Address field:
https://localhost:8443/templates
The system displays a Security Alert window that provides information about the Certificate being used. On accepting it, a Directory Listing for templates is displayed, as in the case of the non-SSL Dashboard.