Configuring the server interface services server port for HTTPS

This topic provides instructions for configuring the server interface services server port for HTTPS on Windows.

About this task

To configure HTTPS, you need a certificate. You can make one manually for testing purposes or you can purchase one from a trusted certificate authority.

You also need to have a keystore containing the server certificate. Follow the instructions from your certificate vendor to install your certificate into Tomcat.

If you are generating your own certificate for testing purposes, you can create and manage a keystore using the standard Java key tool facilities as documented on the Oracle web site. You can also find alternative resources on the internet, which can help you create your own certificate and install it into Tomcat.

You need to define a new connector in the Connector element in the server.xml file to allow HTTPS. The server.xml file is in the conf subdirectory on the server machine.

Take care when changing the server.xml file, as incorrect edits can lead to a complete loss of system functionality. Make a backup of the file before you edit it.

Note: The interface services support the use of HTTPS communication between the web browser and the interface services server. For more information about configuring HTTPS and for other methods of configuration, see the Tomcat user documentation.

Procedure

  1. Open the file and make the changes in bold:
    <!-- Delete this line from the file
    <Connector port="8443“ maxHttpHeaderSize="8192"
    maxThreads="150" inSpareThreads="25“
    MaxSpareThreads="75“ enableLookups="false"
    disableUploadTimeout="true“ acceptCount="100"
    scheme="https" secure="true“ clientAuth="false" sslProtocol="TLS"
    keystoreFile="c:\Server\keystore.ks"
    keystorePass="password"
    keystorePass="password"algorithm="IbmX509"
    />
    --> Delete this line from the file

    By default, this Connector element is commented out. Deleting the line immediately preceding it and immediately after it makes the element active.

    The changes to the file
    • Set the server to use HTTPS on port 8443
    • Use the keystore entries to identify the keystore that contains the server certificate.
  2. Save the file, and restart the interface services server.

Feedback