Previous Topic: BusinessObjects XI 3.x Post-Installation StepNext Topic: Verify the Reporting Installation

Installation GuideJBoss VersionReport Server InstallationHow to Secure the CA IdentityMinder and Report Server Connection for JBoss/WebLogic

How to Secure the CA IdentityMinder and Report Server Connection for JBoss/WebLogic

CA IdentityMinder and Report Server communicate over a non-secure connection.. Secure Sockets Layer (SSL) connection can be used to secure the connection between Report Server and CA IdentityMinder.

An SSL connection ensures that the communication is encrypted when data is accessed from the Report Server. Before configuring the SSL, verify that the BO (Business Objects) Server has HTTPS enabled. To secure the connection with SSL, self-signed certificate or the certificate from the Certified Authority (CA) can be used.

To configure an SSL certificate using self-signed certificate, perform the following steps:

  1. Export the certificate from the keystore used in the BO Server, using any tool which generates a certificate.
  2. Copy the certificate to a directory where the CA IdentityMinder is installed.
  3. Import the Certificate in to the Java trust store (cacerts). Also, verify that the certificate is imported in to the java version which is currently used by CA IdentityMinder server.
  4. Restart the Application Server for the changes to take effect.
  5. In CA IdentityMinder, go to System, Reporting, Report Server Connection. Select the Secure Connection option.
  6. Click Test Connection to verify the connectivity.

The following procedure is an example on how to export and import a certificate using the Keytool utility.

Follow these steps:

  1. In the BOServer, open the command prompt and enter the following command to export the certificate from the keystore:

    Windows:

    ..\jvm\bin\keytool -export -alias testcert -file certificate.cer -keystore c:\cert\.keystore  -storepass <keystore password>

    Linux or Solaris:

    ../jvm/bin/keytool -export -alias testcert -file certificate.cer -keystore /root/.keystore  -storepass <keystore password>
  2. Copy the certificate to a directory where the CA IdentityMinder is installed.
  3. In the CA IdentityMinder server, open the command prompt and enter the following command to import the certificate into the keystore:

    Windows:

    ..\jvm\bin\Keytool -import - trustcacerts -file c:\cert\certificater.cer -alias testcert -keystore JAVA_HOME\jre\lib\security\cacerts -storepass password

    Linux or Solaris:

    ../jvm/bin/Keytool -import - trustcacerts -file /root/certificater.cer -alias testcert -keystore JAVA_HOME/jre/lib/security/cacerts -storepass password

    The certificate is successfully installed.

Note: We recommend that you refer the vendor-specific documentation to configure SSL on the Report Server. The Report Server supports Tomcat and IIS servers.