How do you configure CA CSM to always use HTTPS instead of HTTP for user access manually?

Environment

Release:

Component:

Resolution

Follow these steps:

Verify that you are able to access CA CSM using both HTTP and HTTPS.
Shut down Apache Tomcat.

Configure Apache Tomcat in the web.xml file:

In the tomcat/conf directory, open the web.xml file.

Add the following XML under the web-app tag:

<security-constraint>
     <web-resource-collection>
     <web-resource-name>Protected Context</web-resource-name>
        <url-pattern>/*</url-pattern>
     </web-resource-collection>
           <!-- auth-constraint goes here if you require authentication -->
      <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
</security-constraint>

Save and close the web.xml file.

Configure Apache Tomcat in the server.xml file.

In the tomcat/conf directory, open the server.xml file.
Locate the Connector XML definition that contains the HTTP port number that Apache Tomcat runs on.

Change or add, if necessary, the redirectPort attribute to the Connector XML tag. Set its value as the port number of the HTTPS Connector. For example:

<!-- A "Connector" represents an endpoint by which requests

and responses are returned. Documentation at :

Java HTTP Connector: /docs/config/http.html (blocking &

non-blocking)

Java AJP Connector: /docs/config/ajp.html

APR (HTTP/AJP) Connector: /docs/apr.html

Define a non-SSL HTTP/1.1 Connector on port 8080

-->

<Connector address="123.456.789.321" port="8080"

protocol="HTTP/1.1"

connectionTimeout="20000"

redirectPort="30308" />

Save and close the server.xml file.

Start Apache Tomcat.
Restart your browser.
Access the HTTP URL, and verify that it redirects to the HTTPS URL instead.

Additional Information

https://docops.ca.com/ca-chorus-software-manager/6-1/en/administrating/configuring-ca-csm/configure-ca-csm-to-use-https/configure-https-to-override-http

Feedback

thumb_up Yes

thumb_down No