Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Storage Manager (STM) > Set up SSL on Storage Manager with port redirection from port 80

Set up SSL on Storage Manager with port redirection from port 80

Table of contents
Created by Milton Harris, last modified by Karen Valdellon on Jun 20, 2017

Views: 20 Votes: 2 Revisions: 3

Updated June 20, 2017

Overview

This article describes how to set up SSL on the Storage Manager Web Console using port redirection from port 80.
When enabled, users can access the Web Console on port 80, and HTTPS is used automatically.

Environment

All STM versions

Steps

  1. Use the key generator tool to create a self-signed certificate. Log in as an administrator and from a command prompt, run the following command:
    C:\Program Files\SolarWinds\Storage Manager Server\jre\bin>keytool -genkey -alias tomcat -keyalg RSA
  2. When prompted, enter your details and a password for the keystore. Remember this keystore password. 
    The certificate file is called: .keystore and is created in the home directory of the user that created the file. The home directory is generally C:\Users\<login>. </login>If the administrator is logged in and is generating the keystore, then it is in C:\Users\Administrator.
  3. Save the .keystore file to a location outside of the Storage Manager installation directory.
    For example: C:\STM_Certificate.
  4. Edit the following server.xml file:
    C:\Program Files\SolarWinds\Storage Manager Server\conf\server.xml
  5. Place HTML comment tags around the default HTTP connector port section:
    <!-- <connector maxhttpheadersize="8192" port="9000"/>
    <Connector port="9000" maxHttpHeaderSize="8192"<connector maxhttpheadersize="8192" port="9000">
    maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
    enableLookups="false" redirectPort="8443" acceptCount="100" 
    connectionTimeout="20000" disableUploadTimeout="true" /> 
    --></connector>
  6. Enter the following HTTP and HTTPS connectors:
    <Connector port="80" protocol="HTTP/1.1" URIEncoding="UTF-8"
    disableUploadTimeout="true" connectionTimeout="20000"
    acceptCount="100" redirectPort="443" enableLookups="false"
    maxSpareThreads="75" minSpareThreads="25"
    maxThreads="150" maxHttpHeaderSize="8192"/>
                    
    <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
    URIEncoding="UTF-8" disableUploadTimeout="true" connectionTimeout="20000" acceptCount="100"
    redirectPort="443" enableLookups="false" maxSpareThreads="75" minSpareThreads="25"
    keystoreFile="C:\STM_Certificate\.keystore" keystorePass="solarwinds"
    SSLEnabled="true" maxThreads="150"
    scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" maxHttpHeaderSize="8192"/>
  7. You can modify the port numbers to whatever ports you wish to use for HTTP and HTTPS communications.
    • In the HTTPS connector, the 'keystoreFile=' points to the location of the keystore file.
    • In the HTTPS connector, the 'keystorePass=' contains the password for the keystore file.
    • If you update the HTTPS port, make sure you also update 'redirectPort= ' in the HTTP and HTTPS connectors.
  8. Save the server.xml file.
  9. Edit the web.xml file:
    C:\Program Files\SolarWinds\Storage Manager Server\conf\web.xml
  10. Add the following to the file just before the closing </web-app> tag.
    <security-constraint>
    <web-resource-collection>
    <url-pattern>/*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    </web-resource-collection>
    <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
  11. Save the web.xml file.
  12. Restart the SolarWinds Storage Manager Web Services service.

 

 

Last modified
19:35, 19 Jun 2017

Tags

Classifications

Public