Description:
I am trying to enable the SSL connection for the WAMUI using my own certificates instead of the default certificate. I have followed the technical document TEC562435 but it does not address my specific requirements.
Solution:
For deploying your certificate(s) to the Siteminder WAM UI the server.xml of the embedded JBOSS needs to be edited following the instructions below. If you are running the WAM UI on your own application server you would need to follow that vendors documentation and amend our instructions accordingly.
The parameters that need to be modified are: keyAlias, keystoreFile, keystoreType, keystorePass (the last four parameters).
section in Server.xml: <Connector protocol="HTTP/1.1" address="${jboss.bind.address}" port="8443" SSLEnabled="true" scheme="https" secure="true" emptySessionPath="true" enableLookups="true" maxPostSize="0" acceptCount="100" connectionTimeout="20000" URIEncoding="UTF-8" minSpareThreads="5" maxSpareThreads="75" keyAlias="tomcat" keystoreFile="jsse.keystore" keystoreType="jks" keystorePass="changeit" />
Please also refer to the aforementioned TEC562435 regarding how to secure the UI using SSL
https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=TEC562435