Sun N1 Service Provisioning System 5.2 Installation Guide

Configuring HTTPS After Selecting HTTP During Installation

The Sun N1 Service Provisioning System installation program prompts you to choose to select HTTPS or HTTP for the browser interface to use to connect to the Master Server. If you selected HTTP during the installation, you can manually reconfigure the Sun N1 Service Provisioning System to use HTTPS.

How to Enable HTTPS Connections from the Master Server Browser Interface to the Web Interface of the Master Server

Complete the following steps to configure the browser interface to use HTTPS instead of HTTP to connect to the Master Server.

Before You Begin

Generate an SSL Certificate and obtain a signature from a Certifying Authority if necessary. For instructions, see Creating a Keystore File and Keystore Password for HTTPS Connections.

Steps

Stop the Master Server.
% N1SPS5.2-MasterServer-home/server/bin/cr_server stop
N1SPS5.2-MasterServer-home is the directory where you installed the Master Server.

Move the keystore file to the Master Server home directory.
%mv /keystore-location N1SPS5.2-MasterServer-home/server/tomcat/keystore
/keystore-location is the location and filename where you stored the generated key. N1SPS5.2-MasterServer-home is the directory where you installed the Master Server.

Change to the directory where you moved the keystore file.
% cd N1SPS5.2-MasterServer-home/server/tomcat/
N1SPS5.2-MasterServer-home is the directory where you installed the Master Server.

Set the ownership and permissions on the keystore file:
%chmod 600 keystore
%chown MS_user:MS_group keystore
MS_user is the user that owns the Master Server application. MS_group is the group that owns the Master Server application. /keystore-location is the filename where you stored the generated key.

Change to the directory where the Tomcat configuration files are located.
% cd /N1SPS5.2-MasterServer-home/server/tomcat/conf
N1SPS5.2-MasterServer-home is the directory where you installed the Master Server.

In the server.xml file, uncomment the following lines. XML comments begin with .

<Connector className="org.apache.catalina.connector.http.HttpConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="true"
               acceptCount="10" debug="0" scheme="https" secure="true">
          <Factory className="com.raplix.rolloutexpress.ui.web.EncodedPasswordSSLFactory"
               clientAuth="false" protocol="TLS"/>
      </Connector>

Edit the Factory element as follows.

<Factory className="com.raplix.rolloutexpress.ui.web.EncodedPasswordSSLFactory"
           clientAuth="false" protocol="TLS" 
	keystoreFile="N1SPS5.2-MasterServer-home/server/tomcat/keystore"
 keystorePass="password"/>

N1SPS5.2-MasterServer-home is the directory in which you installed the Master Server. password is the encoded version of the password.