search cancel

MSM - Use HTTPS for Downloads

book

Article ID: 134597

calendar_today

Updated On:

Products

CHORUS SOFTWARE MANAGER

Issue/Introduction

How do you configure CA CSM to always use HTTPS instead of HTTP for user access manually?


Environment

Release:


Component:

Resolution

Follow these steps:

  1. Verify that you are able to access CA CSM using both HTTP and HTTPS.
  2. Shut down Apache Tomcat.
  3. Configure Apache Tomcat in the web.xml file:
    1. In the tomcat/conf directory, open the web.xml file.
    2. Add the following XML under the web-app tag:

      <security-constraint>

           <web-resource-collection>

           <web-resource-name>Protected Context</web-resource-name>

              <url-pattern>/*</url-pattern>

           </web-resource-collection>

                 <!-- auth-constraint goes here if you require authentication -->

            <user-data-constraint>

              <transport-guarantee>CONFIDENTIAL</transport-guarantee>

            </user-data-constraint>

      </security-constraint>

    3. Save and close the web.xml file.
  4. Configure Apache Tomcat in the server.xml file.
    1. In the tomcat/conf directory, open the server.xml file.
    2. Locate the Connector XML definition that contains the HTTP port number that Apache Tomcat runs on.
    3. Change or add, if necessary, the redirectPort attribute to the Connector XML tag. Set its value as the port number of the HTTPS Connector. For example:

      <!-- A "Connector" represents an endpoint by which requests

               and responses are returned. Documentation at :

               Java HTTP Connector: /docs/config/http.html (blocking & 

               non-blocking)

           Java AJP  Connector: /docs/config/ajp.html

               APR (HTTP/AJP) Connector: /docs/apr.html

               Define a non-SSL HTTP/1.1 Connector on port 8080

          -->

          <Connector address="123.456.789.321" port="8080"

                     protocol="HTTP/1.1"     

                     connectionTimeout="20000"

                     redirectPort="30308" />

    4. Save and close the server.xml file.
  5. Start Apache Tomcat.
  6. Restart your browser.
  7. Access the HTTP URL, and verify that it redirects to the HTTPS URL instead.

Additional Information

https://docops.ca.com/ca-chorus-software-manager/6-1/en/administrating/configuring-ca-csm/configure-ca-csm-to-use-https/configure-https-to-override-http