Skip to Content

Securing BMC Impact Integration Web Services

BMC Impact Integration Web Services supports Transport-level security, the SSL security. It does not support WS-Security based authentication. By default, Apache Tomcat 6 is configured to support both HTTP and HTTPS connections for one-way server SSL authentication. The HTTPS SSL protocol is TLS.

After installation, you can connect to the BMC Impact Integration Web Services through both HTTP and HTTPS connectors. If you want to restrict the connection to only HTTPS, you must modify the Tomcat server configuration to set the connectors.

For information about how to limit the HTTP connector, see Modifying the security configuration.

  Default keystore files

BMC Impact Integration Web Services provides a set of keystore files for HTTPS connection. The keystore files are located in the following directory:

$IIWS_HOME/Tomcat/webapps/imws/WEB-INF/

Following tables provide details about those default keystore files.


 Details for the iiwsssl.jks keystore file


 Details for the iiwscacerts.jks keystore file


 Details for the iiwsssl.cer keystore file

Warning

Note

BMC Software recommends that you replace the default trustore and certificate files with those that meet your requirements. For more information about replacing the keystore, see Modifying the security configuration.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC ProactiveNet 9.6