×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Out of support

 

This documentation supports the 8.1 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.

Click here to view the documentation for a supported version of Remedy Single Sign-On.
BMC Atrium Single Sign-On 8.1 ... Installing Installing BMC Atrium Single Sign-On on an external Tomcat server

Setting an HTTPS connection

To set up an HTTPS connection, the Tomcat server that hosts the BMC Atrium Single Sign-On server must be modified to define an HTTPS connection with an explicit truststore and an explicit keystore.

The default Tomcat server used by BMC Artium Single Sign-On uses a keystore and a truststore for secure (HTTPS, Transport Layer Security) communications. 

If the Tomcat server does not have a truststore and a keystore, new self-signed certificates must be generated using the keytool. For more information, see Installing and managing certificates in BMC Atrium Single Sign-On.

The following XML code is an example of the HTTPS connection and is one of the configuration supported.

The example shows use of keystore and truststore of type PKCS12, named keystore.p12 and cacerts.p12 along with password "keystore_password" and "truststore_password" respectively.

<Connector port="8443"
	protocol="org.apache.coyote.http11.Http11Protocol"
	SSLEnabled="true"
	maxThreads="150"
	scheme="https"
	secure="true"
	clientAuth="false"
	sslProtocol="TLS"
	ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RS
	A_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_D
	SS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA
	_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
	keystoreFile="CATALINA_HOME/conf/keystore.p12"
	keystorePass="keystore_password " 
	keystoreType="PKCS12"
	keystoreProvider="JsafeJCE"
	truststoreFile="CATALINA_HOME/conf/cacerts.p12"
	truststorePass="truststore_password"
	truststoreType="PKCS12"
	truststoreProvider="JsafeJCE"/>

Note

Switch CATALINA_HOME to the full path in the Tomcat directory. The values provided to CATALINA_HOME needs to be adjusted according to the environment.

Related topics

Creating new keystores

Importing a certificate into keystore.p12

Importing a certificate into cacerts.p12

Generating self-signed certificates

Generating and importing CA certificates

Was this page helpful? Yes No Submitting... Thank you
Last modified by Abhay Chokshi on Apr 04, 2014
setting_http_connection

Comments

Log in or register to comment.

Configuring a JVM for the Tomcat Server
Installing BMC Atrium Single Sign-On with the AR System server and Mid Tier
© Copyright 2013 - 2017 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.