Configuring an external front-end web server for the Application Server

The TrueSight Capacity Optimization installer automatically installs and configures a web server as part of the web application component. Normally, no further configuration is required.

If you need to use TrueSight Capacity Optimization with your own front-end web server, complete the following procedures on this page.

Configuring Apache as a front-end web server

This section contains the following information: 

Install Apache modules 

Ensure that you have installed the Apache Web Server 2.x or later, with the following additional modules: 

  • mod_alias
  • mod_expires
  • mod_headers
  • mod_deflate
  • mod_rewrite
  • mod_proxy
  • mod_proxy_ajp

Connect Apache to the TrueSight Capacity Optimization web console 


Due to file permission constraints in TrueSight Capacity Optimization, you must add users with permissions to run the Apache Web Server to the Operating System (OS) user group that has the necessary permissions to run other TrueSight Capacity Optimization components.

Example: In a Linux environment, a privileged user can run the following command, and restart the Apache Web Server:

usermod --append --groups <bco_os_group> <apache_os_user>


Before you proceed, ensure that you can connect to using localhost as a symbolic name on Apache JServ Protocol (AJP) ports.

  1. Perform the following tasks by running the required commands as root. TrueSight Capacity Optimization aliases and directories specified in the table assume Capacity Optimization installation folder as /opt/cpit and Apache configuration stored in /etc/httpd on CentOS or RHEL 7. If your operating system or installation folder is different, replace the documented path with the appropriate path.
    1. Define TrueSight Capacity Optimization web application contexts.
      $ cd <new_apache_web_server_install>/etc/httpd/conf.d
      $ cp /opt/cpit/3rd_party/apache2/conf/bco-vhost.conf .
    2. Configure mod_deflate.
      $ cd <new_apache_web_server_install>/etc/httpd/conf.d
      $ ln -s /opt/cpit/3rd_party/apache2/conf/deflate.conf deflate.conf
    3. Configure TrueSight Capacity Optimization back-end services.

      $ cd <new_apache_web_server_install>/etc/httpd/conf
      $ ln -s /opt/cpit/3rd_party/apache2/conf/bco-dh-services bco-dh-services
    4. Copy the configuration file to the configuration directory.

      $ cd <new_apache_web_server_install>/etc/httpd/conf

      $ cp /opt/cpit/3rd_party/apache2/conf/bco-web .

    5. (If SSL is enabled) Configure the SSL transport.

      $ cd <new_apache_web_server_install>/etc/httpd/conf

      $ cp /opt/cpit/3rd_party/apache2/conf/ssl.conf ssl.conf
      Open the ssl.conf file and modify the paths for the certificates:

      SSLCertificateFile pki/tls/certs/
      SSLCertificateKeyFile pki/tls/private/

      SSLCertificateKeyFile /opt/cpit/3rd_party/apache2/pki/tls/private/
      SSLCertificateFile /opt/cpit/3rd_party/apache2/pki/tls/certs/
      Note: If you are planning to use a trusted certificate, update the path to link to the proper certificate.

  2. Navigate to the /etc/httpd/conf directory, open the bco-vhost.conf file, and edit the following parameters:

    1. (Optional) Search for Listen and check the configured port. Depending on configured port, edit the values:

      HTTPS (8443)HTTP (8000)


      Listen 8443
      <VirtualHost *:8443>


      Listen 443
      <VirtualHost *:443>


      Listen 8000
      <VirtualHost *:8000>


      Listen 80
      <VirtualHost *:80>

      Do not modify values for ports 8280 and 8380, as they are used by the Capacity Optimization components for the internal communication.

    2. (For Apache <2.4.7 only) Locate all lines with Header setifempty:

      Header setifempty X-Frame-Options SAMEORIGIN
      Header setifempty X-XSS-Protection "1; mode=block"
      Header setifempty X-Content-Type-Options nosniff
      Header setifempty Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'"

      Replace these lines with the following lines:

      Header set X-Frame-Options SAMEORIGIN
      Header set X-XSS-Protection "1; mode=block"
      Header set X-Content-Type-Options nosniff
      Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'"

    3. (For Apache 2.2 only) Locate the following lines:

      <IfModule !mod_ssl.c>
      IncludeOptional conf/ssl.con[f]

      Replace these lines with the following lines:

      <IfModule !mod_ssl.c>
      Include conf/ssl.con[f]

    4. Save the file.

    5. Restart the Apache Web Server to apply changes.

      For more details on Apache httpd configuration, see Apache httpd guide .

  3. (For Apache 2.2 only) Navigate to the /etc/httpd/conf directory, open the bco-web file, and replace all occurrences of Require all granted with Allow from all. Save the file.
  4. (For Apache 2.2 when SSL is enabled) Navigate to the /etc/httpd/conf directory, open the ssl.conf file, and remove the section for SSLOpenSSLConfCmd.
  5. If your linux operating system is enforcing security policies for new Apache web server, configure the web server to bid to the additional ports such as 8280, 8380, 8443, or 8000. For more information, see redhat documentation

Configuring global properties to reflect URL change on port 80 or 443

This URL is used to send emails (for example, reports) from TrueSight Capacity Optimization with the correct HTTP links. In addition, this URL enables the application to callback itself in some pages/views. 

Ensure that no task is running before you restart the components.

  1. Access the Console as administrator and select Administration > System > Global Configuration page.

  2. Edit the system.web.server.url property and enter the new HTTP URL to connect to TrueSight Capacity Optimization.

    For example,http://<HOSTNAME>/console.

  3. Log in via ssh as cpit on the server where TrueSight Capacity Optimization is installed.

  4. Restart the services to reload the configuration. To do this, access the $CPITBASE folder and run the following command: 

./cpit restart

Was this page helpful? Yes No Submitting... Thank you