Can you secure JBOS with SSL
search cancel

Can you secure JBOS with SSL

book

Article ID: 33545

calendar_today

Updated On:

Products

Chorus Platform Mainframe Chorus DBA Discipline Mainframe Chorus Security Discipline Mainframe Chorus Storage Discipline

Issue/Introduction

Is there a way to secure JBOS with SSL? Running a port scan vulnerability report shows indicate plain text data being passed through the connection.

Resolution

Please ensure Chorus PTF RO81395 is applied.

To have a secure connection, we need SSL enabled.

To setup SSL in Compliance Manger under Chorus, edit the cmgr_config.xml:

Obtain the value of the CATALINA_HOME environment variable. CATALINA_HOME is defined in the data set specified by the STDENV DD.

Find the configuration files that you need to modify for your system:

The CA Top Secret configuration file:
$CATALINA_HOME/webapps/VantageGMI/conf/tss/tss_config.xml

The CA Compliance Manager configuration file:
$CATALINA_HOME/webapps/cmgr/conf/cmgr/cmgr_config.xml

Within each configuration file, find the <server_info> block that contains connection information for your CA LDAP Server for z/OS.

Add <useTLS>true</useTLS> to the <server_info> block, as shown in the following example:

<tss classpath="com.ca.vantage.esmldap.EsmLdapTree" loginpage="/pages/esm/tss/login.jsp">
<tree id="258366f83beacc96c947354e4b90c24f" desc="CA TSS">
<server_info>
<host>ldap-server-hostname.yourcompany.com</host>
... (Various configuration directives appear here.) ...
<useTLS>true</useTLS>
</server_info>
</tree>
</tss>


Restart the Compliance Manager server.

Powered by Wolken Software