Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > Storage Manager (STM) > SRM Profiler Administrator Guide > SRM Profiler settings > Enabling SSL login for the website

Enabling SSL login for the website

Table of contents
No headers

Updated: June 16, 2017

Some users may want to utilize SSL logins for their website. Enabling SSL Login describes how to set up SSL on the SRM Profiler Web Console using port redirection from port 80.

When enabled, users can access the Web Console on port 80, and HTTPS is used automatically.

To enable SSL complete the following steps:

 

  1. SRM Profiler already has a self-signed certificate in the < installation path>/webapps/ROOT/bin directory called "jswis-keystore." To use this keystore, proceed to step 4, otherwise proceed to step 2.
  2. Run the command:
    C:\Program Files\SolarWinds\Storage Manager Server\jre\bin>keytool -genkey -alias tomcat -keyalg RSA
    and when prompted, enter your details and a password for the keystore. Remember this keystore password.
  3. The certificate file is called .keystore and it can be found in the home directory of the user creating it. Save this file to a location outside of the SRM Profiler installation directory, for example: C:\SRM_Certificate.
  4. Using a text editor, open the server.xml file. This file is located in C:\Program Files\SolarWinds\Storage Manager Server\conf\server.xml directory. Perform the following changes:
    1. Using the self-signed certificate you just created:

      <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" URIEncoding="UTF-8" disableUploadTimeout="true" connectionTimeout="20000" acceptCount="100" redirectPort="8443" enableLookups="false" maxSpareThreads="75" minSpareThreads="25" keystoreFile="webapps/ROOT/bin/jswis-keystore" keystorePass="solarwinds" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" maxHttpHeaderSize="8192" ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"/>

    2. Using your own self-signed certificate:

      <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" URIEncoding="UTF-8" disableUploadTimeout="true" connectionTimeout="20000" acceptCount="100" redirectPort="8443" enableLookups="false" maxSpareThreads="75" minSpareThreads="25" keystoreFile="C:\SRM_Certificate\.keystore" keystorePass="solarwinds" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" maxHttpHeaderSize="8192" ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"/>

    • The port numbers can be modified to whatever port you wish to use for HTTP or HTTPS communication.
    • In the HTTPS connector, the 'keystoreFile=' points to the location of the keystore file.
    • In the HTTPS connector, the 'keystorePass=' contains the password for the keystore file.
    • If you update the HTTPS port you must also update the 'redirectPort= ' in the HTTP and HTTPS connectors.
  5. Save your changes to the server.xml file.
  6. Using a text editor, open the web.xml file located in the C:\Program Files\SolarWinds\SRM Profiler Server\conf\web.xml directory.
  7. Remove the <url-pattern> line and modify it by copying the following lines in the same </web-app> tag location:
    • <url-pattern>/*</url-pattern>
    • <http-method>GET</http-method>
    • <http-method>POST</http-method>

The modified <security-constraint> tag in web.xml should like the following:

<security-constraint>

<web-resource-collection>

<url-pattern>/*</url-pattern>

<http-method>GET</http-method>

<http-method>POST</http-method>

</web-resource-collection>

<user-data-constraint>

<transport-guarantee>CONFIDENTIAL</transport-guarantee>

</user-data-constraint>

</security-constraint>

  1. Save the web.xml file.
  2. Restart the Web Services service.
Last modified
11:16, 26 Jun 2017

Tags

Classifications

Public