Configuring the Presentation Server to use HTTP

By default, Remedy Single Sign-On (Remedy SSO) and TrueSight Presentation Server are installed in HTTPS mode. If you want to change this to HTTP, modify the security settings both in Remedy SSO and TrueSight Presentation Server as explained in the following section:

To configure Remedy SSO to use HTTP

Do the following:

1. Log in to the Remedy SSO host computer, and navigate to the following directory:
   • (Windows): <installationDirectory>\rsso\tomcat\conf
   • (Linux): <installationDirectory>/rsso/tomcat/conf

2. Edit the web.xml file, comment the following part, and save the file:

   The commented code lines:

   <!--
   <security-constraint>

        <web-resource-collection>

           <web-resource-name>Secure context</web-resource-name>

           <url-pattern>/*</url-pattern>

        </web-resource-collection>

        <user-data-constraint>

            <transport-guarantee>CONFIDENTIAL</transport-guarantee>

        </user-data-constraint>

   </security-constraint>

   -->

   
   

3. Edit the server.xml file, delete the redirectPort parameter from the following code line, and save the file:

   

   The code line after deleting the redirectPort parameter:

   <Connector connectionTimeout="20000" enableLookups="false" maxHttpHeaderSize="2048" port="8088" protocol="HTTP/1.1"/>
4. Navigate to the <Remedy SSO Installation Directory>\rsso\bin directory, and restart the Remedy SSO server by running the following command:
   • (Windows) rsso.bat server start
   • (Linux) ./rsso server start

To configure TrueSight Presentation Server to enable HTTP mode

Do the following:

1. Log in to the Presentation Server host computer, and navigate to the following directory:

   • (Windows): <Presentation Server installation directory>\truesightpserver\modules\tomcat\conf
   • (Linux): <Presentation Server installation directory>/truesightpserver/modules/tomcat/conf

2. In a text editor, edit the \web.xml file and comment out the security-constraint section so that it reads as follows:

   <!--

   <security-constraint>

           <web-resource-collection>

               <web-resource-name>Secure context</web-resource-name>

               <url-pattern>/*</url-pattern>

               </web-resource-collection>

               

               <user-data-constraint>

               <transport-guarantee>CONFIDENTIAL</transport-guarantee>

               </user-data-constraint>

       </security-constraint>

   -->

3. In a text editor, edit the <Presentation Server installation directory>\truesightpserver\modules\tomcat\conf\server.xml file:

   1. Modify the following line:

      <Connector connectionTimeout="20000" enableLookups="false" port="80" protocol="HTTP/1.1" redirectPort="443"/>

      Then, remove the redirectPort information and copy the compressableMimeType, compression, and compressionMinSize property information from the HTTPS connector so that it reads as follows:

      <Connector connectionTimeout="20000" enableLookups="false" port="80" protocol="HTTP/1.1" compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json" compression="on" compressionMinSize="1024" />

      Note

      The default port for Windows is 80 and Linux is 8080. If you specified a custom port during installation, enter that port number instead.

   2. Comment out the following line so that it reads as follows:

      <!-- <Connector SSLEnabled="true" ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
      TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_SHA256,
      TLS_ECDHE_RSA_WITH_AES_128_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_SHA,TLS_ECDHE_RSA_WITH_AES_256_SHA384,
      TLS_ECDHE_ECDSA_WITH_AES_256_SHA384,TLS_ECDHE_RSA_WITH_AES_256_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_SHA,
      TLS_DHE_RSA_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_128_SHA,TLS_DHE_DSS_WITH_AES_128_SHA256,
      TLS_DHE_RSA_WITH_AES_256_SHA256,TLS_DHE_DSS_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_256_SHA" 
      clientAuth="false" compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json" compression="on" compressionMinSize="1024" keystoreFile="C:/Program Files/BMC Software/TrueSightPServer/truesightpserver/conf/secure/loginvault.ks" keystorePass="changeit" maxThreads="150" port="4435" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true" sslProtocol="TLSv1.2" useServerCipherSuitesOrder="true"/> 
      -->

4. From the <Presentation Server installation directory>\truesightpserver\truesightpserver\bin folder, use a command prompt to run the following commands:

   tssh properties set tspsPreferredWebServiceProtocol http

   tssh properties set tsps.xsrf.cookie.secure false

5. If you want to use the TrueSight console to deploy and install packages on a PATROL Agent, from the <Presentation Server installation directory>\truesightpserver\truesightpserver\bin folder, use a command prompt to run the following command:

   tssh properties set server.port.websrv.protocol http
6. (Fresh installation only) In a text editor, edit the <Presentation Server installation directory>\truesightpserver\conf\ha\ha.conf file and add the following line:
   ha.server.protocol=http

7. Restart the TrueSight Presentation Server. 

8. On each Infrastructure Management server connected to the TrueSight Presentation Server, set the following properties In the <Infrastructure Management installation directory>\pw\custom\conf\pronet.conf file:

   • tsps.tsim.http.enabled=true
   • pronet.xsrf.token.secure=false

9. On each Infrastructure Management server, reload the newly updated properties of the Infrastructure Management server running the pw jproperties reload command.

Related topics

Configuring-and-managing-the-Presentation-Server