Using HTTPS with Single Sign-On › How to Set Up HTTPS for CA Single Sign-On › Configure CA Performance Center to Use HTTPS

Configure CA Performance Center to Use HTTPS

You must edit some configuration files to reflect the new website and port settings. Edit the configuration files to replace the HTTP connector with an HTTPS connector. You must also restart the CA Performance Center services so that the changes take effect.

Follow these steps:

1. Change to the following directory:

    cd/[InstallationDirectory]/CA/PerformanceCenter/PC
   

2. Open the start.ini file for editing.
3. Find the following line and remove the '#' so that it is active:

    #/opt/CA/PerformanceCenter/PC/etc/jetty-ssl.xml
   

   where '/opt/CA' is the default installation directory.

4. Save start.ini.
5. Change to the following directory:

    cd/[InstallationDirectory]/CA/PerformanceCenter/PC/etc
   

6. Create a file named 'jetty-ssl.xml' in that directory with the following contents:

   <?xml version="1.0"?>
   <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
   
   <Configure id="Server" class="org.eclipse.jetty.server.Server">
     <Call name="addConnector">
       <Arg>
         <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
   	     <Set name="Port">8182</Set>
   	     <Set name="maxIdleTime">30000</Set>
            <Set name="Keystore"><Property name="jetty.home" default="." />/etc/keystore</Set>
           <Set name="Password">***PASSWORD***</Set>
   	    <Set name="KeyPassword">***PASSWORD***</Set>
          <Set name="truststore"><Property name="jetty.home" default="." />/etc/keystore</Set>
           <Set name="trustPassword">***PASSWORD***</Set>
           <Set name="allowRenegotiate">true</Set>
         </New>
       </Arg>
     </Call>
   </Configure>
   

7. Replace all instances of the “***PASSWORD***” value with the passwords in use in your system.
8. Open the file jetty.xml for editing.
9. Remove the following lines for the default HTTP connector:

   <Call name="addConnector">
     <Arg>
         <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
             <Set name="host"><Property name="jetty.host" /></Set>
               <!-- Changed: Used to be Property -->
              <Set name="port"><SystemProperty name="jetty.port" default="8181"/></Set>
              <Set name="maxIdleTime">300000</Set>
              <Set name="Acceptors">2</Set>
              <Set name="statsOn">false</Set>
              <Set name="confidentialPort">8443</Set>
              <Set name="lowResourcesConnections">20000</Set>
              <Set name="lowResourcesMaxIdleTime">5000</Set>
         </New>
     </Arg>
    </Call>
   

10. Save jetty.xml.
11. Change to the following directory:

    cd/[InstallationDirectory]/CA/PerformanceCenter/PC/conf
    

12. Edit the file wrapper.conf. In the following line, replace '8181' with '8182' so that it matches the port defined in jetty-ssl.xml, described previously:

      wrapper.java.additional.2=-Djetty.port=8181
    

13. Change to the following directory:

    cd /[InstallationDirectory]/CA/PerformanceCenter/sso/webapps/
    sso/configuration
    

14. Edit the file 'CAPerformanceCenter.xml'.
15. Replace the <Scheme> and CA Portal values with settings appropriate for SSL:

    <?xml version="1.0" encoding="utf-8" ?>
    <Configuration>
         <SingleSignOnEnabled>True</SingleSignOnEnabled>
         <SingleSignOnProductCode>pc</SingleSignOnProductCode>
         <SignInPageProductDefaultUrl>
              <Scheme>https</Scheme>
              CA Portal8182</Port>
              <PathAndQuery>/pc/desktop/page</PathAndQuery>
         </SignInPageProductDefaultUrl>
         <SingleSignOnWebServiceUrl>
              <Scheme>https</Scheme>
              CA Portal8182</Port>
              <PathAndQuery>/pc/center/webservice/sso</PathAndQuery>
         </SingleSignOnWebServiceUrl>
    </Configuration>