Configuring SSL for web and mobile clients

To provide communication security among applications, configure SSL for the Apache Tomcat server. If you enabled SSL as part of installation, SSL is already configured. Otherwise, follow this procedure.

Best Practice

To protect data, use HTTPS to communicate to the BMC MyIT and BMC Remedy with Smart IT (Smart IT) server. You can do so either through a load balancer or reverse proxy, or by enabling HTTPS on the BMC MyIT and Smart IT server.

To configure SSL for the Tomcat server

For more information about creating a certificate, see


The self-signed certificate works only with the universal client. For mobile apps, you must use a signed certificate.

  1. Generate a self-signed certificate by running the following command:
    %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA 
    A .keystore file is generated in %USERPROFILE% (Windows) or $HOME (Linux), and the file is protected with a password.
  2. Place the generated file in the CATALINA_BASE/external-conf folder.
  3. Update CATALINA_BASE/conf/server.xml to enable HTTPS Connector:

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
                   maxThreads="150" scheme="https" secure="true"
                   keystoreFile="${catalina.base}/external-conf/.keystore" keystorePass="Bmcmyit1"
                   clientAuth="false" sslProtocol="TLS"

    A sample server.xml file can be found in the bsmapps\main\server\external\tomcat\conf folder. 

  4. Restart the Tomcat server.

  5. To check the configuration, open https://localhost:8443/ or https://localhost:8443/myit/rest/version in a browser.
    Upon initial access, a warning about an non-trusted certificate appears (because this is a self-signed certificate, not generated by a trusted CA).

  6. Click OK to continue.

Was this page helpful? Yes No Submitting... Thank you


  1. Florent Perot

    Hi, any information about TLS version ? 1.0 ? 1.1 ? 1.2 ?

    Jan 22, 2016 10:18
    1. Michele Marques

      Hello Florent, I apologize for not getting back to you earlier. I will have to investigate

      Mar 18, 2016 03:16
    1. Michele Marques

      Hello Florent, We support TLS 2.0. You can see more information at the Tomcat certificate documentation link, provided above in the doc. The example code also indicates that is the "SSL" protocol being supported.

      Mar 21, 2016 05:19
    1. Michele Marques

      I updated the docs. I got an update from engineering on an extra line to include that indicates the protocol to enable.

      Apr 04, 2016 02:31