Adjust the port and protocol settings when enabling SSL encryption in SAM and M&R.

The procedures for SSL setup assume use of the Java Keytool. You may, optionally, use a different encryption tool.

This keytool generates keystore files in the location where the commands are issued. For these SSL procedures, the following assumptions are made:

  1. When configuring M&R (Watch4net) with CLI commands, issue the commands from the bin folder of the installation path. For example, /opt/APG/bin or from c:\Program Files\APG\bin.
  2. When configuring Service Assurance Manager (SAM) with CLI commands, issue the commands from the base directory path. For example, /opt/InCharge/SAM/smarts or from c:\Program Files\InCharge\SAM\smarts.
  3. Both M&R and SAM installations include versions of Java. Check to ensure the correct versions of Java are in use in both the M&R server and in the SAM server. Java is usually installed into the ...usr/bin path. (The versions may differ between M&R and SAM.)

Workflow

  1. Edit the Reports configuration settings in the SolutionPack for Smarts to adjust port and protocol settings.
  2. Generate the SSL certificate for the M&R (Watch4net) server where the Tomcat server is running. The Java documentation provides details.
  3. Generate the SSL certificate for the Service Assurance Manager (SAM) server where the Tomcat server is running. The Java documentation provides details.
  4. Ensure the configuration settings have been adjusted for SSL. For example, check the SM_CAS_SERVER and SM_TOMCAT_SERVER settings in the runcmd_env.sh file in SAM and edit the settings to add the secure port numbers and change the protocol from http to https. (When you change runcmd_env.sh, you must stop and restart the SAM service. For example, sm_service stop|start ic-sam-server-pres)
    Note: Where SM_CAS_SERVER is the URL that identifies the M&R Tomcat server host, and it has to specify the protocol and port used to log into M&R. And, SM_TOMCAT_SERVER specifies the Fully Qualified Domain Name (FQDN) of the SAM Tomcat server.
  5. Enable the https protocol in the server.xml files in both the SAM and M&R deployments. Add the Http11Protocol and Http11NioProtocol sections if missing from the server.xml file.
  6. Export the M&R certificate and import to the SAM server.
  7. Export the SAM certificate and import to the M&R server.
  8. Stop and start the SAM Tomcat server.
  9. Restart the M&R Tomcat server.