EcoStruxure IT forum
Schneider Electric support forum about installation and configuration for DCIM including EcoStruxure IT Expert, IT Advisor, Data Center Expert, and NetBotz
Link copied. Please paste this link to share this article on your social media post.
Posted: 2020-05-27 08:26 AM
Hello,
How can i add ssl certificate for Struxureware portal?
Link copied. Please paste this link to share this article on your social media post.
Link copied. Please paste this link to share this article on your social media post.
Posted: 2020-05-27 10:20 AM
Hello Mohamed
Technically speaking it should be possible to add a SSL certificate to StruxureWare Portal. I do not have direct access to the actual procedure for enabling SSL on StruxureWare Portal so my below details are from memory.
Here's a summary of what you need to do, given your question I assume you already have the SSL certificate.
On the StruxureWare Portal server, go to this folder C:\Program Files\StruxureWare Portal\tomcat-7.0.27\conf.
Make a copy of the server.xml file before you edit it in case something goes wrong with this process.
Edit the server.xml file with a tool like notepad.exe. About half way down that file you will see these entries (this is the default).
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" URIEncoding="UTF-8" />
Comment the above lines by placing the characters " <!--" before the above section and the characters "-->" after the above section so it now looks something like this:
<!--
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" URIEncoding="UTF-8" />
-->
About 10 to 12 lines further down the server.xml file you should see a section which looks like this:
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
You will need to edit this section to enable secured connections to portal. First, remove the comment characters "<!--" at the top of the section and "-->" at the bottom. Then change the protocol to only accept TLSv1.2 with the "sslProtocol" parameter, and then I'm adding a set of additional parameters after the sslProtocol parameter which includes options for you to specify your SSL cert keystore information.
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLSv1.2"
minSpareThreads="25" maxSpareThreads="75" enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" keystoreFile=""PATH-to-YOUR-KeyStore-File" keystorePass="KeyStorePassword"/>
In the above section replace "PATH-to-YOUR-KeyStore-File" to the full path to your SSL keystore file. If you do not place a full path the web server will look from the "C:\Program Files\StruxureWare Portal\tomcat-7.0.27\" folder.
In the above section replace the "KeyStorePassword" value with your keystore password.
Once completed, save your changes and restore the portal services.
If the above does not work and you cannot access portal, you may need to restore the copy of the server.xml file.
Regards
Greg Sterling
Link copied. Please paste this link to share this article on your social media post.
Link copied. Please paste this link to share this article on your social media post.
Posted: 2020-05-27 10:20 AM
Hello Mohamed
Technically speaking it should be possible to add a SSL certificate to StruxureWare Portal. I do not have direct access to the actual procedure for enabling SSL on StruxureWare Portal so my below details are from memory.
Here's a summary of what you need to do, given your question I assume you already have the SSL certificate.
On the StruxureWare Portal server, go to this folder C:\Program Files\StruxureWare Portal\tomcat-7.0.27\conf.
Make a copy of the server.xml file before you edit it in case something goes wrong with this process.
Edit the server.xml file with a tool like notepad.exe. About half way down that file you will see these entries (this is the default).
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" URIEncoding="UTF-8" />
Comment the above lines by placing the characters " <!--" before the above section and the characters "-->" after the above section so it now looks something like this:
<!--
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" URIEncoding="UTF-8" />
-->
About 10 to 12 lines further down the server.xml file you should see a section which looks like this:
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
You will need to edit this section to enable secured connections to portal. First, remove the comment characters "<!--" at the top of the section and "-->" at the bottom. Then change the protocol to only accept TLSv1.2 with the "sslProtocol" parameter, and then I'm adding a set of additional parameters after the sslProtocol parameter which includes options for you to specify your SSL cert keystore information.
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLSv1.2"
minSpareThreads="25" maxSpareThreads="75" enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" keystoreFile=""PATH-to-YOUR-KeyStore-File" keystorePass="KeyStorePassword"/>
In the above section replace "PATH-to-YOUR-KeyStore-File" to the full path to your SSL keystore file. If you do not place a full path the web server will look from the "C:\Program Files\StruxureWare Portal\tomcat-7.0.27\" folder.
In the above section replace the "KeyStorePassword" value with your keystore password.
Once completed, save your changes and restore the portal services.
If the above does not work and you cannot access portal, you may need to restore the copy of the server.xml file.
Regards
Greg Sterling
Link copied. Please paste this link to share this article on your social media post.
Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.