You can enable security for the following actions related to the Console Server:
To enable security for actions that you perform using the product interface, replace "http" with "https" in the console URL. For example, https://Host1:9443/console/.
To enable security for actions that you perform using the CLI, type
-s in the command syntax. This applies even if you use a custom self-signed certificate. For more information about the individual CLI commands, see Using the command line interface.
The IT Data Analytics product already contains a self-signed certificate. Therefore, you do not need any configurations for enabling security for the Console Server. However, if you do not want to use the self-signed certificate provided by the product, you need to generate a custom self-signed certificate and perform the instructions that follow.
Before you begin enabling security for the Console Server with a custom self-signed certificate, ensure that you have generated a KeyStore in the JKS format. For more information, see Generating a KeyStore and TrustStore.
Locate the server.xml file at one of the following locations:
In the server.xml file, add the following properties with appropriate values, depending on the KeyStore that you generated earlier (see the following example).
Navigate to the following location to locate the olaengineCustomConfig.properties file and the searchserviceCustomConfig.properties file.
In the olaengineCustomConfig.properties file, add the following properties:
In the searchserviceCustomConfig.properties file, add the following properties:
Import the self-signed certificate into the Console Server's Java Runtime Environment (JRE) by using the following command:
-trustcacerts -alias <HostName-or-IP> -keystore $BMC_ITDA_HOME/jre/lib/security/cacerts -file <Certificate-Path>
<HostName-or-IP> refers to the host name or IP address of the computer on which the Console Server is located.
<Certificate-Path> refers to the absolute path to the self-signed certificate of the Console Server.