Previous Topic: Access the Web ConsoleNext Topic: Handling the Poodle Vulnerability

Getting Started with DSM Web ConsoleAccess the Web ConsoleEnable SSL for Web Console and Web Services

Enable SSL for Web Console and Web Services

Enabling Secure Socket Layer (SSL) for Web Console provides secure access to the Web Console and web services.

Note: Before you begin, you must have installed the Certificate Authority (CA) root certificate and configured SSL in your web server.

Follow these steps:

  1. Execute the following command to import the CA root certificate into the cacerts file: 
    Keytool -import -v -trustcacerts -alias wac -file rootcertname -keystore keystore_location -keypass changeit -storepass changeit
    rootcertname

    Defines the root certificate name.

    keyStore_location

    Defines the path where the keystore is located.

    Default: C:\Program Files (x86)\CA\SC\JRE\JRE_Version\lib\security\cacerts.

    keypass

    Defines the password used to protect the private key of the generated key pair.

    Default: changeit

    storepassword

    Defines the keystore password.

    Default: changeit

    On successful execution of the command, the root certificate is imported into the cacerts file.

  2. Trust the certificate by pressing the key Y when the "Trust this Certificate?" message appears.
  3. Open the file \Program Files\CA\DSM\Web Console\webapps\wac\WEB-INF\classes\com\ca\wac\config\ WACConfig.properties.
  4. Change the following parameters in the WACConfig.properties file:
    SSL Enabled

    Specifies whether SSL is enabled. Set this parameter to TRUE.

    TrustStoreFileFullPath

    Defines the path to the truststore.

    TrustStorePassword

    Defines the truststore password.

    WEBSERVICE_URL

    Defines the Web Service URL. Modify the URL to start with https instead of http. For example, https://testmachine-cm3.test.com/UDSM_R11_Webservice/mod_gsoap.dll

  5. To restart Tomcat, execute the following commands: 
    caf stop tomcat
caf start tomcat

    Tomcat services are restarted. SSL is now enabled for Web Console and web services.

  6. Type the following URL in your browser to access the Web Console in the SSL-mode: 
    https://YourWebServerName/wac

    If the SSL configuration is successful, the login page is displayed.