How to configure Endpoint Management to use SSL
search cancel

How to configure Endpoint Management to use SSL

book

Article ID: 10364

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)

Issue/Introduction

When Endpoint Management is installed standalone/without the ENTM, it is not configured to use SSL.

This document demonstrates how to configure the Endpoint Management web front end to use SSL/HTTPS



Environment

Release: ACP1M005900-12.9-Privileged Identity Manager
Component:

Resolution

1) Generate a new self-signed certificate for Endpoint Management. In a command prompt run, where <JDK> is the location where the jdk used by jboss is installed, e.g. C:\jdk1.8.0.

 

keytool -genkey -alias acem -keyalg RSA -validity 365 -keystore <JDK>\jre\lib\security\cacerts 

 

When prompted for a password, the password is:  

changeit 

 

Follow the prompts to create the certificate for you and your organization. 

 

2) Edit <jboss>\server\default\deploy\jboss-web.deployer\server.xml 

 

Find the following: 

 

<!-- 

<Connector port="18443" protocol="HTTP/1.1" SSLEnabled="true" 

maxThreads="150" scheme="https" secure="true" 

clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8"/> 

--> 

 

Uncomment it and point it towads the keystore from step 1. It should look like the following where <JDK> is the location where the jdk used by jboss is installed, e.g. C:/jdk1.8.0. Please note that you should use forward slashes (/) instead of backslashes (\) in paths: 

 

<Connector port="18443" protocol="HTTP/1.1" SSLEnabled="true" 

maxThreads="150" scheme="https" secure="true" 

clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" 

keystoreFile="<JDK>/jre/lib/security/cacerts" keystorePass="changeit"/> 

 

3) Stop the jboss service 

 

4) Delete <jboss>\server\default\tmp and <jboss>\server\default\work 

 

5) Start the jboss service

 

6) When jboss is started, go to  https://<server>:18443/acem/  in a browser.