Configuring the xFlow Interface to Connect to SSL based Micro Services
search cancel

Configuring the xFlow Interface to Connect to SSL based Micro Services


Article ID: 75104


Updated On:


CA Service Desk Manager CA Service Management - Service Desk Manager


The steps below outline how to configure the xFlow interface to connect to SSL based Micro Services.


Release: 17.1 or higher
Component:  CA Service Desk Manager


Perform the following steps:

1. Backup the casm.conf.js and files . The default location to access these files is:
   C:\Program Files\CA\xFlow\APPS\Services\incidentmicroservice-<xxxx>\public\conf

2. Verify that SSL is enabled for Tomcat in CA Service Desk Manager. 

3. Open the file and do the following:

   Find the text: api : {server : 'https://localhost:8080/'}, and modify the port number as 8443.

   Save and close the file.

4. Open casm.conf.js file and configure the microservices that are required for your environment as below:
    a. Find the text: api : {server : 'https://<hostname>:9004'}, and modify the port number as 9444.

    b. Find the text: search : {server : 'https://<hostname>:9006'}, and modify the port number as 9446.

    c. Find the text: websocket : {server : 'wss://<hostname>:9008'}, and modify the port number as 9448.

    d. Find the text: sdm : {server : 'https://<hostname>/CAisd/pdmweb.exe'}, and add the port number 8443 to host name. For example, http://sdmhostname:8443/CAisd/pdmweb.exe.

    e. Find the text: insights: {server : 'https://<hostname>:port'}, and add the port number 9452 to the host name. For example, http://insights:9452.

5. Save and close the file.

6. Navigate to: C:\Program Files\CA\xFlow\APPS\Services\insightmicroservice-17.1.705\conf 

7. Open the application.conf file in a text editor.

8. Find the parameter Security headers. 

9. Search for: play.filters.headers.frameOptions = "ALLOW-FROM <http://hostname:9002>"

10. Replace it with: play.filters.headers.frameOptions = "ALLOW-FROM <https://hostname:9444>" 

11. Search for: play.filters.headers.contentSecurityPolicy = "child-src 'self' 'unsafe-inline' 'unsafe-eval' <http://hostname:9002>"

12. Replace it with: play.filters.headers.contentSecurityPolicy = "child-src 'self' 'unsafe-inline' 'unsafe-eval' <https://hostname:9444>"

13. Restart the xFlow Analyst Interface Service.

14. Verify you are able to access the xflow Analyst Interface <https://hostname:9444/>

Additional Information

The above supplements the main article about xFlow and SSL, available here: 

Enable Secure Socket Layer for xFlow Interface