Setup SSL between IBM TOMCAT and CA LDAP for Compliance Event Manager

book

Article ID: 130438

calendar_today

Updated On:

Products

CA Compliance Event Manager

Issue/Introduction

How to setup SSL with TOMCAT and CA LDAP which are running on the same mainframe.

Need to setup SSL between TOMCAT and CA LDAP to have a secure connection running on the same mainframe.

Environment

Release:
Component: CEVM

Resolution

You do not need to establish SSL between TOMCAT and CA LDAP as both components reside within the mainframe.

There is a different change that needs to be made in regards to the ports that LDAP listens on by updating the CEMESLPC member in the **.CUSTOM.CFGLIB to modify the line from: 

hosturls ldap://:389 

to: 

hosturls ldap://localhost:389 
or: 
hosturls ldap://127.0.0.1:389 

In the login.json file in the UI, you will need to change the hostname values to specify 'localhost' instead of the respective machine name for the login node definition you are using. so for example, if in the login.json you had: 

"CEM WH on SS15": 

"host":"SS15.abccompany.com", 
"port":389, 
"suffix":"host=SS15_wh,c=us" 
}, 

Replace it with: 

"CEM WH on SS15": 

"host":"localhost", 
"port":389, 
"suffix":"host=SS15_wh,c=us" 
}, 

and then refresh the GUI. 

Substitute the host and suffix with your settings.