Submit a ticketCall us

Systems Monitoring for Dummies
Our new eBook will teach you the fundamentals and help you create monitors and alerts that are effective, meaningful, and actionable. Monitoring is more than a checkbox on your to-do list. This free eBook will give you practical advice to help you succeed in all aspects of monitoring – discovery, alerting, remediation, and troubleshooting. Don’t miss out on this indispensable resource for newbies, experienced IT pros, and everyone in between. Register Now.

Home > Success Center > Storage Manager (STM) > SRM Profiler Administrator Guide > SRM Profiler settings > Enabling SSL login for the website

Enabling SSL login for the website

Table of contents
No headers

Updated: June 16, 2017

Some users may want to utilize SSL logins for their website. Enabling SSL Login describes how to set up SSL on the SRM Profiler Web Console using port redirection from port 80.

When enabled, users can access the Web Console on port 80, and HTTPS is used automatically.

To enable SSL complete the following steps:

 

  1. SRM Profiler already has a self-signed certificate in the < installation path>/webapps/ROOT/bin directory called "jswis-keystore." To use this keystore, proceed to step 4, otherwise proceed to step 2.
  2. Run the command:
    C:\Program Files\SolarWinds\Storage Manager Server\jre\bin>keytool -genkey -alias tomcat -keyalg RSA
    and when prompted, enter your details and a password for the keystore. Remember this keystore password.
  3. The certificate file is called .keystore and it can be found in the home directory of the user creating it. Save this file to a location outside of the SRM Profiler installation directory, for example: C:\SRM_Certificate.
  4. Using a text editor, open the server.xml file. This file is located in C:\Program Files\SolarWinds\Storage Manager Server\conf\server.xml directory. Perform the following changes:
    1. Using the self-signed certificate you just created:

      <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" URIEncoding="UTF-8" disableUploadTimeout="true" connectionTimeout="20000" acceptCount="100" redirectPort="8443" enableLookups="false" maxSpareThreads="75" minSpareThreads="25" keystoreFile="webapps/ROOT/bin/jswis-keystore" keystorePass="solarwinds" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" maxHttpHeaderSize="8192" ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"/>

    2. Using your own self-signed certificate:

      <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" URIEncoding="UTF-8" disableUploadTimeout="true" connectionTimeout="20000" acceptCount="100" redirectPort="8443" enableLookups="false" maxSpareThreads="75" minSpareThreads="25" keystoreFile="C:\SRM_Certificate\.keystore" keystorePass="solarwinds" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" maxHttpHeaderSize="8192" ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"/>

    • The port numbers can be modified to whatever port you wish to use for HTTP or HTTPS communication.
    • In the HTTPS connector, the 'keystoreFile=' points to the location of the keystore file.
    • In the HTTPS connector, the 'keystorePass=' contains the password for the keystore file.
    • If you update the HTTPS port you must also update the 'redirectPort= ' in the HTTP and HTTPS connectors.
  5. Save your changes to the server.xml file.
  6. Using a text editor, open the web.xml file located in the C:\Program Files\SolarWinds\SRM Profiler Server\conf\web.xml directory.
  7. Remove the <url-pattern> line and modify it by copying the following lines in the same </web-app> tag location:
    • <url-pattern>/*</url-pattern>
    • <http-method>GET</http-method>
    • <http-method>POST</http-method>

The modified <security-constraint> tag in web.xml should like the following:

<security-constraint>

<web-resource-collection>

<url-pattern>/*</url-pattern>

<http-method>GET</http-method>

<http-method>POST</http-method>

</web-resource-collection>

<user-data-constraint>

<transport-guarantee>CONFIDENTIAL</transport-guarantee>

</user-data-constraint>

</security-constraint>

  1. Save the web.xml file.
  2. Restart the Web Services service.
Last modified

Tags

Classifications

Public