ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
How to disable HTTP interface to ENTM GUI so that it can only be accessed via HTTPS?
Article ID: 19289
Updated On:
Products
CA Workload Automation AE - Business Agents (AutoSys)
CA Workload Automation AE - Scheduler (AutoSys)
Workload Automation Agent
Issue/Introduction
Description:
By default HTTP and HTTPS are both enabled to access the JBoss ENTM GUI.
For security reasons it might be desired to disable the HTTP interface only allowing access via HTTPS.
Solution:
In order to disable the JBOSS HTTP interface do the following
- Ddit the file server.xml located in the following path
<Drive/Directory>/jboss-4.2.3.GA/server/default/deploy/jboss-web.deployer/server.xml - Locate the HTTP connector definition
...
<Connector
URIEncoding="UTF-8" acceptCount="150" address="${jboss.bind.address}"
connectionTimeout="20000" disableUploadTimeout="true"
emptySessionPath="true" enableLookups="false" maxHttpHeaderSize="8192"
maxThreads="250" port="18080" protocol="HTTP/1.1" redirectPort="18443"
/>
... - Delete the complete clause or put it in between comments
<!--
...
--> - Save the file and restart JBoss
- Access the ENTM GUI in your Web Browser via HTTPS
https://fqdn.of.ENTM.box:18443/iam/ac/ - Verify that access to the ENTM GUI via HTTP is not working
http://fqdn.of.ENTM.box:18080/iam/ac/
Finally change the base url of the ac-env
- Open the ENTM Management Console
https://fqdn.of.ENTM.box:18443/idmmanage - Click on Environments and then on ac-env.
Locate the "Base URL" field. and update this field to reflect the new URL on port 18443, e.g
https://fqdn.of.ENTM.box:18443/iam - Click on Save and Restart the environment.
Environment
Release: ACP1M005900-12.6-Privileged Identity Manager
Component:
Component:
Feedback
Yes
No
Powered by
