How to change the Enforce UI SSL/HTTP port

book

Article ID: 160399

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

How to change the UI SSL/HTTP port when you need or want to use a non-default port for UI communication.

Resolution

The designated UI SSL/HTTP port on Linux installations of Enforce is 8443. Vontu creates an IPTables entry to forward all traffic from 443 to 8443.

To change the UI SSL/HTTP port, edit the port number in the following file:

 C:\Vontu\Protect\tomcat\conf\server.xml   (versions 15.0 and older)

 C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.7\Protect\tomcat\conf\server.xml   (versions 15.1 and newer)

<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

<Connector port="443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" keystoreFile="conf/.keystore" keystorePass="protect"/>

If you have created server.xml.bak, it may be a good idea to change that file as well. You will need to bounce the VontuManager Service.