Previous Topic: Deploy Default ReportsNext Topic: Uninstallation

Installation GuideServer InstallationReport ServerHigh-Availability: Identity Management Server 2Secure the Report Server with SSL

Secure the Report Server with SSL

The Identity Management Server and Report Server communicate over a non-secure connection. Secure Sockets Layer (SSL) connection can be used to secure the connection between Report Server and The Identity Management Server.

An SSL connection ensures that the communication is encrypted when data is accessed from the Report Server. Before configuring the SSL, verify that the BO (Business Objects) Server has HTTPS enabled. To secure the connection with SSL, self-signed certificate or the certificate from the Certified Authority (CA) can be used.

The following procedure describes how to configure an SSL certificate using self-signed certificate.

Follow these steps:

  1. Export the certificate from the keystore used in the BO Server, using any tool which generates a certificate.
  2. Copy the certificate to a directory where the Identity Management Server is installed.
  3. Import the Certificate in to the Java trust store (cacerts). Also, verify that the certificate is imported in to the java version which is currently used by CA IdentityMinderIdentity Management Server.
  4. Restart the Application Server for the changes to take effect.
  5. In The User Console, go to System, Reporting, Report Server Connection. Select the Secure Connection option.
  6. Click Test Connection to verify the connectivity.

The following procedure is an example on how to export and import a certificate using the Keytool utility.

  1. In the Business Objects Report Server, open the command prompt and enter the following command to export the certificate from the keystore: 
    ../jvm/bin/keytool -export -alias testcert -file certificate.cer -keystore /root/.keystore  -storepass <keystore password>
  2. Copy the certificate to a directory where the Identity Management Server is installed.
  3. In the Identity Management Server, open the command prompt and enter the following command to import the certificate into the keystore: 
    ../jvm/bin/Keytool -import - trustcacerts -file /root/certificater.cer -alias testcert -keystore JAVA_HOME/jre/lib/security/cacerts -storepass password

    The certificate is successfully installed.

Note: We recommend that you refer to the vendor-specific documentation to configure SSL on the Report Server. The Report Server supports Tomcat and IIS servers.