Setting up CRA to work with the IBM WebSphere Liberty server


This topic explains how to set up CRA on an existing IBM WebSphere Liberty server.



The following procedures are available:

Before you begin

  • Make sure that you have installed WebSphere Liberty server.
  • Make sure that Java 17 is installed on your system and the  JAVA_HOME environment variable is set correctly. In addition, perform the following steps:

    Important

     Perform the following steps only if you are using version 4.05 or earlier of the Installation System. 

    1. In your installed WebSphere Liberty Server location, go to the dropins folder and create a folder named spring .
    2. From the root directory of the BMC file path, which you provided during installation, copy the following files:
      1. Copy the cra.war file to the newly created spring folder.
      2. Copy the cralog4j2.xml, cra_custom.properties, and configurations.json files to your configuration folder (config.folder) on WebSphere Liberty server. 

To customize the CRA application to work with the API

  1. Edit the server.env file that is located on the USS directory of your WebSphere Liberty server to set the following custom properties:

    Parameter

    Default value

    Description

    CRA_HOME

    /shrd/wlp/usr/servers/WLPSR2EJ

    The installation path of your WebSphere Liberty server

    Important

    When you install CRA on your WebSphere Liberty server, then CRA_HOME is the location of the installed WebSphere Liberty server. The CRA installer uses this path to place the required files and work as an application on the WebSphere Liberty server.

    config.folder

    config

    Enter the name of your configuration folder on WebSphere Liberty server 

    JAVA_HOME

    /usr/lpp/java/J17.0_64

    Enter the path for a 64-bit Java home directory that exists on your WebSphere Liberty server

    Important

    If you want to set a WebSphere Liberty server as https, add <feature>transportSecurity-1.0</feature> in the feature manager as shown in the following sample code:

    <!-- This section provides the details about HTTPS protocol and the port -->
    <httpEndpoint id="defaultHttpEndpoint1" http="9000" httpsPort="9485"/>

    <variable name="defaultHostName" value="yourHostName"/>  

    <featureManager>
             <feature>servlet-6.0</feature>
             <feature>springBoot-3.0</feature>
      <feature>transportSecurity-1.0</feature>  
    </featureManager>

    <!--This section provides a Keystore and truststore details when using the SSL protocol -->
    <keyStore id="defaultKeyStore" location="app_server.keystore" type="JKS" password="password"/>

    <keyStore id="defaultTrustStore" location="truststore.jks" type="JKS" password="password"/>

    <!--This section provides the details for declaring the client SSL certificate-->
    <sslDefault sslRef="defaultSSLSettings" />
      
    <ssl id="defaultSSLSettings" keyStoreRef="defaultKeyStore" sslProtocol="SSL_TLSv2" trustStoreRef="defaultTrustStore" clientAuthentication="true"/>
  2. Restart the WebSphere Liberty server started task from the proclib .
    You can now run the CRA application on your WebSphere Liberty server. 


Some content is unavailable due to permissions.

To configure the JSON Web Tokens secret key

CRA uses JSON Web Tokens (JWT) to manage the login token. After installation, the JWT key becomes static across the systems. Therefore, we recommend performing the following steps to update the key to make it unique and secure for your system:

  1. Open the cra_custom.properties file that is located on on your configuration folder (config.folder) on WebSphere Liberty server.
  2. Add the jwt.secret key. 

    jwt.secret=ThisIsTheKeyThatCanBeChangedButMustBeSameLengthWhichI64ByteLengthWe recommend changing the default value in accordance with your environment.

  3. Restart the server.

Where to go from here

When you finish setting up CRA , you can do one or more of the following tasks:

If you are not seeing the data you expect, see Troubleshooting-Common-REST-API-issues.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*