Defining port settings

On the Ports tab, you can change the port settings that were established when installing BMC AMI Products for Web. The settings specific to a web product are listed only if that respective web product has been installed. Specify the settings as listed in the following table and click Apply. You can also choose to Reset the settings.

Product

Settings

Common Enterprise Services

  • Strobe communication - Used for communication between the mainframe and the client.
  • Common Enterprise Services shutdown - Used to stop the web application.
  • Internal messaging - Provides additional processing capacity.
  • Derby - Used to start the embedded Derby database.
  • Internal proxy server- Used to proxy requests to an internal server.

Abend-AID Fault Analytics

Abend-AID communication - Used by Abend-AID Fault Analytics to transmit messages.

iStrobe

SMF collection - Used by iStrobe to collect SMF data.

Topaz for Java Performance

Agent communication - Used for communication between the agent and the server. TJP listens on this.

Communication Port Security

Selective the required IBM Application Transparent Transport Layer Security (AT-TLS) on the communication ports. The following ports will be configured:

  • Strobe communication
  • SMF collection (iStrobe only)
  • Agent communication (TJP only)
  • Abend-AID communication (Fault Analytics only)

For more information on IBM AT-TLS, refer to the IBM documentation.

AT-TLS is only supported when HTTPS is configured and enabled. When the Communication Port Security settings are changed without HTTPS in use, the settings will not be used until HTTPS is configured and enabled.

This setting is not applicable for USS installs and will not display.

TLS Settings (Advanced users only)

Although the settings for the SSL/TLS protocol for CES can be set manually, this option is recommended for advanced users only. If the SSL/TLS protocol is manually set, CES will not be able to connect to applications without a matching SSL/TLS protocol until the process is undone.

To manually change the protocol, perform the following steps:

  1. Open the CES_DATA_DIR/jetty/etc directory:
    • If you are operating in a MS Windows or Linux environment, open the jetty-ssl-context.xml file.
    • If you are operating in a z/OS environment, open the jetty-ssl-context-zos.xml file.
  2. Find the line beginning with
    <Configure id="sslContextFactory" class="com.compuware.jetty.security.extension.CompuwareSslContextFactory">.
  3. Find the corresponding close tag </Configure>.
  4. Create a blank line immediately above the close tag </Configure>.

  5. Insert the following line: <Set name="protocol">TLSv1.2</Set>.
    If a security level other than TLS v1.2 is required, replace where necessary.

    Important

    Security levels other than TLS v1.2 have been decremented and are no longer considered secure, and are not recommended for use.

Related topics

Defining-the-web-server-settings

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*