This procedure describes how to configure Control-M/EM Web Server to work with HTTPS, which secures data between the web browser and the web server.
NOTE: Control-M/EM Web Server is an Apache Tomcat Web Server.
The Control-M/EM Web Server provides a DEMO certificate signed by the DEMO CA of Control-M. The DEMO CA of Control-M, which certifies the DEMO Certificate, is not trusted by the Web browser. The Web browser issues a warning message informing you not to browse to this site, because the DEMO CA is not trusted by the Web browser. If you continue, you will receive a certificate error notification. BMC Software recommends that you replace the demo certificate with a certificate signed by a known CA in your organization.
To configure Control-M/EM Web Server to work with HTTPS:
In the server.xml file, navigate to the following xml content. The connector must point to the correct key store and correct password.
<!-- A "Connector" represents an endpoint by which requests are received
...
...
-->
Add the following xml content after the above content.
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocols="TLSv1, TLSv1.1, TLSv1.2"
keystoreFile="conf/tomcat.keystore"
keystorePass="{password}" />
For an example of this configuration, open the server.xml.HTTPS file.
To redirect HTTP to HTTPS, see Redirecting HTTP to HTTPS.
Parent Topic |