Configuring › How to Configure CA Service Catalog to Use Secure Socket Layer › Configure Service View to Use Secure Socket Layer

Configure Service View to Use Secure Socket Layer

As part of configuring CA Service Catalog to use Secure Socket Layer (SSL), you configure Service View to use SSL.

To configure Service View to use Secure Socket Layer

1. Edit the %USM_HOME%\view\conf\server.xml file, using a text editor such as Notepad.
2. Search for the following section and enable the commented section by removing "<!--" and "-->" from the first and last lines, as shown in the following example:

   <!-- 
   <Connector port="8443" maxHttpHeaderSize="8192" 
         maxThreads="150" minSpareThreads="25" maxSpareThreads="75" 
         enableLookups="false" disableUploadTimeout="true" 
         acceptCount="100" scheme="https" secure="true" 
         clientAuth="false" sslProtocol="TLS" keystoreFile="C:\Program Files\CA\Service Delivery\.keystore" keyAlias="alias_name"/> 
   ->
   

3. The port being used is 8443. You may change this value to another secure socket layer port, as needed.
4. If you are using an existing keystore or have changed the CA Service Catalog installation path or generated keystore name, do the following in the XML shown earlier in these steps:
   • Update the keystoreFile parameter with the correct path and file name, typically "%USM_HOME%\.keystore"
   • Update the keyAlias parameter with the alias_name that you specified when you created a keystore file for CA Service Catalog
5. Save and close the server.xml file.
6. Edit the view\conf\viewService.conf file, using a text editor such as Notepad.
7. Update the following line with the path name and file name of the keystore file:

   wrapper.java.additional.number=-Djavax.net.ssl.trustStore="%USM_HOME%/.keystore"
   

8. Update the following line with the password of the keystore file:

   wrapper.java.additional.number=-Djavax.net.ssl.trustPass=changeit
   

9. Save and close the viewService.conf file.
10. On the CA Service Catalog GUI, select Administration, Configuration, Server Information.

    The cursor moves to the Server Information section.

11. Complete the fields in this section as follows:

    For Host Name, specify the name of the host where Service View is installed.

    For Port Number, specify the port where HTTPS is configured.

    For Enable HTTPS, specify Yes.

12. Move to the CA Workflow configuration section and click Configure.

    The USM Workflow actors are updated to use HTTPS communication.

13. Restart Service View.
14. Log in to CA Service Catalog using the URL https://hostname:port/usm/wpf rather than URL http://hostname:port/usm/wpf.

    You see a trusted certificate prompt, which indicates that you are using HTTPS.

15. Optionally, disable HTTP access by commenting the section for the HTTP connector. To do so, add the "<!--" and "-->" comment markers to the first and last lines, as shown in the following example:

    <!--
    <Connector port="8080" enableLookups="true" redirectPort="8443"
          acceptCount="100"  maxThreads="150" minSpareThreads="25" maxSpareThreads="75" debug="0" connectionTimeout="20000" disableUploadTimeout="true"
          useBodyEncodingForURI="false" URIEncoding="UTF-8" />
    -->