Configuring SSL for Smart IT web and mobile clients
To provide communication security among applications, configure SSL for the Apache Tomcat server. If you enabled SSL as part of installation, SSL is already configured. Otherwise, follow this procedure.
Best practice
To configure SSL for the Tomcat server
For more information about creating a certificate, see http://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html.
Note
The self-signed certificate works only with the universal client. For mobile apps, you must use a signed certificate.
- Generate a self-signed certificate by running the following command:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
A .keystore file is generated in %USERPROFILE% (Windows) or $HOME (Linux), and the file is protected with a password. - Place the generated file in the CATALINA_BASE/external-conf folder.
Update CATALINA_BASE/conf/server.xml to enable HTTPS Connector:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" keystoreFile="${catalina.base}/external-conf/.keystore" keystorePass="Bmcmyit1" clientAuth="false" sslProtocol="TLS"/>
A sample server.xml file can be found in the bsmapps\main\server\external\tomcat\conf folder.
Restart the Tomcat server.
To check the configuration, open https://localhost:8443/ or https://localhost:8443/myit/rest/version in a browser.
Upon initial access, a warning about a nontrusted certificate appears (because this is a self-signed certificate, not generated by a trusted CA).Click OK to continue.
Comments
point 2 is not clear, the folders are not in the Apache dir, could you please be more clear and write the exact path.
Hello Amr,
We will look into this and update the topic.
Regards,
Nidhi
Hello Amr,
Sorry for a late reply.
Please refer to the Tomcat<version> folder.
Regards,
Nilay
do we just need to add the point #3 there inside the server.xml?
I believe that you also need to follow point #2, to put the signed certificate in the correct location. Note that these instructions were written for Smart IT 1.2. We added clarifying points to more recent documentation: 2022-05-17_02-15-32_Configuring Tomcat server (Smart IT 20.02)
Log in or register to comment.