Connecting a Studio Endeca Server connection to a secured Endeca Server

When you install Endeca Server, the default option is to use SSL to secure it. To connect to a secured Endeca Server, you copy the Endeca Server certificate files to Studio. When configuring an Endeca Server connection in Studio, you include the certificate file names and passwords.

Note that if you have already copied over the Endeca Server truststore and keystore files as part of configuring the connection to the Provisioning Service, then you can skip to step 5.

To allow Studio Endeca Server connections to be connected to a secured Endeca Server:

  1. Stop Studio.
  2. From the Endeca Server $DOMAIN_HOME/config/ssl directory, copy the following files:
    • endecaServerClientCert.ks
    • endecaServerTrustStore.ks

    For Endeca Server, $DOMAIN_HOME is the full path to the Endeca Server WebLogic domain.

  3. Place the files into the endeca-data-sources directory.

    If Studio was installed using the Tomcat bundle, the directory is endeca-portal/data/endeca-data-sources.

    If Studio was installed on a standalone instance of Tomcat, without using the bundle, then you will need to create the endeca-portal/data/endeca-data-sources directory.

    If Studio was installed on WebLogic Server, then the directory is the data\endeca-data-sources directory in the Liferay Home directory. By default, the Liferay Home directory is <WebLogicInstallDirectory>/user_projects/domains.

  4. Restart Studio.
  5. From the Endeca Servers page of the Studio Control Panel, add the sslConfig setting to the appropriate Endeca Server connection definition. The sslConfig setting contains the following settings:
    Setting Description
    caFile The name of the truststore file.

    For the default secured Endeca Server configuration, the file is endecaServerTrustStore.ks.

    caPassword The password for the truststore file.

    You need to obtain the password from whoever installed the Endeca Server and generated the certificates.

    Note that on the Endeca Server Connection Definition dialog, once you save the Endeca Server connection, the value of caPassword is masked as ************. The value also is encrypted in the Studio database.

    When you edit the Endeca Server connection, you must re-type the actual password value before saving. Otherwise, Studio uses the masking asterisks as the password value.

    certFile The name of the keystore file.

    For the default secured Endeca Server configuration, the file is endecaServerClientCert.ks.

    certPassword The password for the keystore file.

    You need to obtain the password from whoever installed the Endeca Server and generated the certificates.

    Note that on the Endeca Server Connection Definition dialog, once you save the Endeca Server connection, the value of certPassword is masked as ************. The value also is encrypted in the Studio database.

    When you edit the Endeca Server connection, you must re-type the actual password value before saving. Otherwise, Studio uses the masking asterisks as the password value.

    For example: 
    "sslConfig": {
"caFile":"endecaServerTrustStore.ks",
"caPassword":"************",
"certFile":"endecaServerClientCert.ks",
"certPassword":"************"
}

    For details on using the Endeca Servers page to configure Studio Endeca Server connections, see the Studio Administration and Customization Guide.

Example of an Endeca Server connection connected to secured Endeca Server

The following Endeca Server connection connects to a secured Endeca Server. 
{
 "server":"server01.lab.acme.com",
 "port":"7002",
 "dataDomainName":"acmeDB",
 "sslConfig": {
   "caFile":"endecaServerTrustStore.ks",
   "caPassword":"************",
   "certFile":"endecaServerClientCert.ks",
   "certPassword":"************"
 }
 "name":"High End Midwest Wines",
 "description":"Transactions for Midwest wines priced over 25 dollars",
}