×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Space banner

   

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.
BMC Remedy with Smart IT 1.2 ... Installing Configuring Smart IT after installation

Configuring SSL for Smart IT web and mobile clients

To provide communication security among applications, configure SSL for the Apache Tomcat server. If you enabled SSL as part of installation, SSL is already configured. Otherwise, follow this procedure.

Best practice

To protect data, use HTTPS to communicate to the BMC MyIT and BMC Remedy with Smart IT (Smart IT) server. You can do so either through a load balancer or reverse proxy, or by enabling HTTPS on the BMC MyIT and Smart IT server.

To configure SSL for the Tomcat server

For more information about creating a certificate, see http://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html.

Note

The self-signed certificate works only with the universal client. For mobile apps, you must use a signed certificate.

  1. Generate a self-signed certificate by running the following command:
    %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA 
    A .keystore file is generated in %USERPROFILE% (Windows) or $HOME (Linux), and the file is protected with a password.
  2. Place the generated file in the CATALINA_BASE/external-conf folder.

  3. Update CATALINA_BASE/conf/server.xml to enable HTTPS Connector:

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               keystoreFile="${catalina.base}/external-conf/.keystore" keystorePass="Bmcmyit1"
               clientAuth="false" sslProtocol="TLS"/>

    A sample server.xml file can be found in the bsmapps\main\server\external\tomcat\conf folder. 

  4. Restart the Tomcat server.

  5. To check the configuration, open https://localhost:8443/ or https://localhost:8443/myit/rest/version in a browser.
    Upon initial access, a warning about a nontrusted certificate appears (because this is a self-signed certificate, not generated by a trusted CA).

  6. Click OK to continue.

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Last modified by Michele Marques on Oct 18, 2015
task tomcat ssl post-installation configuration

Comments

  1. Amr Tawalbeh

    point 2 is not clear, the folders are not in the Apache dir, could you please be more clear and write the exact path.

    May 03, 2017 02:03
    1. Nidhi Das

      Hello Amr,

      We will look into this and update the topic.

      Regards,
      Nidhi

      May 03, 2017 04:13
    1. Nilay Agambagis

      Hello Amr,

      Sorry for a late reply.

      Please refer to the Tomcat<version> folder.

      Regards,

      Nilay

      Jan 09, 2018 03:13
  2. Muhammad zahiruddin Shaiful bahri

    do we just need to add the point #3 there inside the server.xml?

    Apr 15, 2021 12:08
    1. Michele Marques

      I believe that you also need to follow point #2, to put the signed certificate in the correct location. Note that these instructions were written for Smart IT 1.2. We added clarifying points to more recent documentation: 2022-05-17_02-15-32_Configuring Tomcat server (Smart IT 20.02)

      Apr 15, 2021 10:44

Log in or register to comment.

Configuring Smart IT after installation
Integrating Smart IT with LDAP for broadcasting
© Copyright 2015 - 2018 BMC Software, Inc. © Copyright 2015 - 2018 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.