How to secure OneClick to SpectroSERVER communication
search cancel

How to secure OneClick to SpectroSERVER communication

book

Article ID: 72596

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

The CORBA SSL communication option is now pre-configured for the SpectroSERVER, LocServer, ArchMgr, and nameserv processes. 

However, you must configure OneClick to use Secure CORBA.

 

Environment

All versions of Spectrum

Resolution

Spectrum processes on the SpectroSERVER are configured to use ports 14012 through 14016 for secure CORBA. If you have a firewall in place verify those ports are opened.

 To enable secure CORBA, navigate to the OneClick Administration page (ie http://OC_HOST:port/spectrum) and click on Administration > SPECTRUM Configuration > CA Spectrum Secure CORBA Configuration > Use secure CORBA (SSL) for CA Spectrum communication and select Yes. 

Restart the OneClick Tomcat process

Additional Information

 

This secure CORBA option just handles OneClick to SpectroSERVER communication.  It does not do anything regarding SS to SS or any other traffic.   

If you want to encrypt SS to SS traffic you will need to create a secure tunnel at the network layer, this is because SS to SS communication uses SSAPI and not CORBA.

Please reference the "Spectrum Configuration Page" section of the documentation for more details.

Please reference the "Communication Across Firewalls" section of the documentation for more details.

Attachments