AdminUI (WAMUI) URL HTTPS 8443 and HTTP 8080 management and config
search cancel

AdminUI (WAMUI) URL HTTPS 8443 and HTTP 8080 management and config

book

Article ID: 208335

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) SITEMINDER

Issue/Introduction

 

When running an AdminUI, how can it be accessed in HTTPS instead of HTTP on one server? How to access the AdminUI in HTTPS on port 8080 instead of 8443?

 

Environment

 

AdminUI 12.8SP3 on RedHat 7

 

Resolution

 

At first glance, the AdminUI is only accessible on HTTP depending on the URL you have used during the registration process.

According to documentation, if you registered to access the HTTP and port 8080, then the AdminUI will be accessible in HTTP on port 8080 only. If you've written it in HTTPS on port 8443, then the AdminUI is accessible on port 8443 only (1).

If AdminUI has been first registered it in HTTP only on port 8080, the HTTPS on port 8443 can still be activated as per documentation (2).

Further issues might occur by accessing the AdminUI page in HTTPS using Internet Explorer IE. According to the Support Matrix, IE (Internet Explorer) is not supported nor advised (3).

Further, the error page:

 https://myhost.mydomain.com:8443/iam/siteminder/adminui 

 This page can't be displayed

will also occur because if the AdminUI isn't configured to work on HTTPS on port 8443. To solve it, follow the documentation and enable the SSL in the AdminUI.

Finally, the product is designed to listen in SSL on port 8443 only.

 

Additional Information

 

(1)

    Register the Administrative UI

      Follow these steps:

      Complete one of the following steps:

      - (Recommended) Open a web browser and go to the following
        location to register the Administrative UI over
        SSL:https://host:8443/iam/siteminder/adminui

      - Open a browser and go to the following
        location:http://host:8080/iam/siteminder/adminui host specifies
        the fully qualified Administrative UI host system name.  If the
        host system does not have a web browser, you can remotely access
        the login screen.  The Administrative UI login screen appears.

    
    
(2)

    (Optional) Configure the Administrative UI to Use an SSL (HTTPS) Connection

      By default, the Administrative UI is accessed using an unsecured
      (HTTP) connection. After you register the Administrative UI with
      the Policy Server, you can configure the Administrative UI to use
      an SSL (HTTPS) connection. To change the connection, modify the
      web.xml file of the embedded JBoss application server and enable
      secure cookies.

      Follow these steps:

      - Shut down the application server.

      - Navigate to the following location: user_console.war\WEB-INF

      - Open the web.xml file.

      - Add the <secure> attribute to the cookie-config section and set
        it to true:

        <session-config>

          <cookie-config>
           <http-only>true</http-only>
           <secure>true</secure> 
          </cookie-config>

        </session-config>

      

(3)

    2.2 Operating System for SiteMinder Administrative User Interface

      1. Administrative User Interface with embedded Application Server is
         supported on operating systems supported by policy server.
  
      2. Browser support for the administrative User Interface

         a. Microsoft Edge – last tested version was 104.0.1293.63
         b. Safari – last tested version was 15.5
         c. Firefox – last tested version was 103.0.2
         d. Google Chrome – last tested version was 104.0.5112