When running an AdminUI, how can it be accessed in HTTPS instead of HTTP on one server? How to access the AdminUI in HTTPS on port 8080 instead of 8443?
AdminUI 12.8SP3 on RedHat 7
At first glance, the AdminUI is only accessible on HTTP depending on the URL you have used during the registration process.
According to documentation, if you registered to access the HTTP and port 8080, then the AdminUI will be accessible in HTTP on port 8080 only. If you've written it in HTTPS on port 8443, then the AdminUI is accessible on port 8443 only (1).
If AdminUI has been first registered it in HTTP only on port 8080, the HTTPS on port 8443 can still be activated as per documentation (2).
Further issues might occur by accessing the AdminUI page in HTTPS using Internet Explorer IE. According to the Support Matrix, IE (Internet Explorer) is not supported nor advised (3).
Further, the error page:
https://myhost.mydomain.com:8443/iam/siteminder/adminui
This page can't be displayed
will also occur because if the AdminUI isn't configured to work on HTTPS on port 8443. To solve it, follow the documentation and enable the SSL in the AdminUI.
Finally, the product is designed to listen in SSL on port 8443 only.
(1)
Register the Administrative UI
Follow these steps:
Complete one of the following steps:
- (Recommended) Open a web browser and go to the following
location to register the Administrative UI over
SSL:https://host:8443/iam/siteminder/adminui
- Open a browser and go to the following
location:http://host:8080/iam/siteminder/adminui host specifies
the fully qualified Administrative UI host system name. If the
host system does not have a web browser, you can remotely access
the login screen. The Administrative UI login screen appears.
(2)
(Optional) Configure the Administrative UI to Use an SSL (HTTPS) Connection
By default, the Administrative UI is accessed using an unsecured
(HTTP) connection. After you register the Administrative UI with
the Policy Server, you can configure the Administrative UI to use
an SSL (HTTPS) connection. To change the connection, modify the
web.xml file of the embedded JBoss application server and enable
secure cookies.
Follow these steps:
- Shut down the application server.
- Navigate to the following location: user_console.war\WEB-INF
- Open the web.xml file.
- Add the <secure> attribute to the cookie-config section and set
it to true:
<session-config>
<cookie-config>
<http-only>true</http-only>
<secure>true</secure>
</cookie-config>
</session-config>
(3)
2.2 Operating System for SiteMinder Administrative User Interface
1. Administrative User Interface with embedded Application Server is
supported on operating systems supported by policy server.
2. Browser support for the administrative User Interface
a. Microsoft Edge – last tested version was 104.0.1293.63
b. Safari – last tested version was 15.5
c. Firefox – last tested version was 103.0.2
d. Google Chrome – last tested version was 104.0.5112