Previous Topic: Merge Keystore FilesNext Topic: Edit the Server.xml File to Support SSL

ConfiguringHow to Configure CA Service Catalog to Use Secure Socket LayerConfigure CA Service Catalog to Use Secure Socket Layer

Configure CA Service Catalog to Use Secure Socket Layer

Configure CA Service Catalog to use Secure Socket Layer (SSL).

Follow these steps:

  1. Edit the server.xml file to support SSL.

    The file is updated to help support SSL for CA Service Catalog.

  2. Open the USM_HOME\view\conf\viewService.conf file, using a text editor such as Notepad, and perform the following action:

    USM_HOME is the documentation convention that specifies the local CA Service Catalog installation directory. For 32-bit computers, the default path name is C:\Program Files\CA\Service Catalog. For 64-bit computers, the default path name is C:\Program Files (x86)\CA\Service Catalog for 32-bit installations or C:\Program Files\CA\Service Catalog for 64-bit installations.

    1. Update the following line with the path name and file name of the keystore file: 
      wrapper.java.additional.number=-Djavax.net.ssl.trustStore="USM_HOME/.keystore"
    2. Update the following line with the password of the keystore file: 
      wrapper.java.additional.number=-Djavax.net.ssl.trustPass=changeit
    3. Save and close the viewService.conf file.
  3. On the CA Service Catalog GUI, select Administration, Configuration, Server Information.

    The cursor moves to the Server Information section.

  4. Complete the fields in this section as follows:

    For Host Name, specify the name of the host where CA Service Catalog is installed.

    For Port Number, specify the port where HTTPS is configured.

    For Enable HTTPS, specify Yes.

  5. Restart CA Service Catalog.
  6. Log in to CA Service Catalog using the URL https://hostname:port/usm/wpf rather than URL http://hostname:port/usm/wpf.

    You see a trusted certificate prompt, which indicates that you are using HTTPS.

  7. Optionally, disable HTTP access by commenting the section for the HTTP connector. To do so, add the "<!--" and "-->" comment markers to the first and last lines, as shown in the following example: 
    <!--
<Connector port="8080" enableLookups="false" redirectPort="8443" tomcatAuthentication="false"
      maxThreads="400" minSpareThreads="25" maxSpareThreads="100" debug="0" connectionTimeout="15000" 
      disableUploadTimeout="true" compression="on" compressionMinSize="2048" 
      compressableMimeType="text/html,text/plain,text/xml,text/css,text/javascript,image/png,image/gif,image/jpeg,application/json"
      useBodyEncodingForURI="false" URIEncoding="UTF-8" />
-->

You have configured CA Service Catalog to use SSL.