Using HTTPS with Single Sign-On › How to Set Up HTTPS for CA Single Sign-On › Update Single Sign-On Configuration and Restart the Services

Update Single Sign-On Configuration and Restart the Services

Edit some startup files to support SSL encryption in Single Sign-On. You must also restart all CA Performance Center and Single Sign-On services to update the settings.

Follow these steps:

1. Change to the following directory:

   cd/[InstallationDirectory]/CA/PerformanceCenter/sso
   

2. Open the start.ini file for editing.
3. Find the following line and remove the '#' so that it is active:

   #/opt/CA/PerformanceCenter/sso/etc/jetty-ssl.xml
   

   where '/opt/CA' is the default installation directory.

4. Save start.ini.
5. Change to the following directory:

   cd/[InstallationDirectory]/CA/PerformanceCenter/sso/etc
   

6. Create a file named jetty-ssl.xml in that directory with the following contents:

   <?xml version="1.0"?>
   <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
   <Configure id="Server" class="org.eclipse.jetty.server.Server">
     <Call name="addConnector">
       <Arg>
         <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
   	     <Set name="Port">8382</Set>
   	     <Set name="maxIdleTime">30000</Set>
           <Set name="Keystore"><Property name="jetty.home" default="." />/etc/keystore</Set>
   	    <Set name="Password">***PASSWORD***</Set>
   	    <Set name="KeyPassword">***PASSWORD***</Set>
          <Set name="truststore"><Property name="jetty.home" default="." />/etc/keystore</Set>
           <Set name="trustPassword">***PASSWORD***</Set>
           <Set name="allowRenegotiate">true</Set>
         </New>
       </Arg>
     </Call>
   </Configure>
   

7. Replace all instances of the “***PASSWORD***” value with the passwords in use in your system.
8. Save jetty-ssl.xml.
9. Open the file jetty.xml.
10. Remove the following lines for the default HTTP connector:

    <Call name="addConnector">
      <Arg>
          <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
              <Set name="host"><Property name="jetty.host" /></Set>
                <!-- Changed: Used to be Property -->
               <Set name="port"><SystemProperty name="jetty.port" default="8181"/></Set>
               <Set name="maxIdleTime">300000</Set>
               <Set name="Acceptors">2</Set>
               <Set name="statsOn">false</Set>
               <Set name="confidentialPort">8443</Set>
               <Set name="lowResourcesConnections">20000</Set>
               <Set name="lowResourcesMaxIdleTime">5000</Set>
          </New>
      </Arg>
     </Call>
    

11. Save jetty.xml.
12. Change to the following directory:

    [InstallationDirectory]/CA/PerformanceCenter/sso/conf
    

13. Edit the file wrapper.conf. In the following line, replace '8381' with '8382' so that it matches the port defined in jetty-ssl.xml, described previously:

      wrapper.java.additional.2=-Djetty.port=8381
    

14. Save wrapper.conf.
15. Stop the console, device manager, and SSO services by entering the following commands:

    service caperfcenter_console stop
    

    service caperfcenter_devicemanager stop
    

    service caperfcenter_sso stop
    

16. Restart the services by entering the following commands

    service caperfcenter_sso start
    

    service caperfcenter_devicemanager start
    

    service caperfcenter_console start