Adjust the port and protocol settings when enabling SSL encryption in SAM and M&R.
The procedures for SSL setup assume use of the Java Keytool. You may, optionally, use a different encryption tool.
This keytool generates keystore files in the location where the commands are issued. For these SSL procedures, the following assumptions are made:
- When configuring M&R (Watch4net) with CLI commands, issue the commands from the bin folder of the installation path. For example, /opt/APG/bin or from c:\Program Files\APG\bin.
- When configuring Service Assurance Manager (SAM) with CLI commands, issue the commands from the base directory path. For example, /opt/InCharge/SAM/smarts or from c:\Program Files\InCharge\SAM\smarts.
- Both M&R and SAM installations include versions of Java. Check to ensure the correct versions of Java are in use in both the M&R server and in the SAM server. Java is usually installed into the ...usr/bin path. (The versions may differ between M&R and SAM.)
- Edit the Reports configuration settings in the SolutionPack for Smarts to adjust port and protocol settings.
- Generate the SSL certificate for the M&R (Watch4net) server where the Tomcat server is running. The Java documentation provides details.
- Generate the SSL certificate for the Service Assurance Manager (SAM) server where the Tomcat server is running. The Java documentation provides details.
- Ensure the configuration settings have been adjusted for SSL. For example, check the SM_CAS_SERVER and SM_TOMCAT_SERVER settings in the runcmd_env.sh file in SAM and edit the settings to add the secure port numbers and change the protocol from http to https. (When you change runcmd_env.sh, you must stop and restart the SAM service. For example, sm_service stop|start ic-sam-server-pres)
Note: Where SM_CAS_SERVER is the URL that identifies the M&R Tomcat server host, and it has to specify the protocol and port used to log into M&R. And, SM_TOMCAT_SERVER specifies the Fully Qualified Domain Name (FQDN) of the SAM Tomcat server.
- Enable the https protocol in the server.xml files in both the SAM and M&R deployments. Add the Http11Protocol and Http11NioProtocol sections if missing from the server.xml file.
- Export the M&R certificate and import to the SAM server.
- Export the SAM certificate and import to the M&R server.
- Stop and start the SAM Tomcat server.
- Restart the M&R Tomcat server.