If you want to access Adeptia Connect on HTTPS protocol then you need to configure SSL certificate in Adeptia Connect. You need to generate SSL certificate using Java Keytool only.
Generating SSL Certificate on Connect Server
To generate SSL certificate:
- Open Terminal.
- Go to the directory where JRE is installed (for example, /mnt/AdeptiaConnect/AdeptiaConnect-2.9/ConnectServer/jre/bin)
Run the following Keytool command to create a Keystore for Jetty with a self signed certificate or CA signed certificate.
While executing the command, you will be prompted to provide other details. The default password is changeit. You can change the password. Note the Keystore password for future references.- Copy this Keystore (certs.jks) at the location (<AdeptiaInstallFolder>/AdeptiaServer/ServerKernel/etc/jetty).
- From the same folder location, open jetty.xml file and register the Keystore entry in the file. In the sslContextFactory section, add the path of the Keystore and the Keystore password (password chosen while creating Keystore).
- Save the file.
- Restart Connect Kernel and Connect WebRunner.
Configuring SSL Certificate on Connect Portal
To generate SSL certificate:
- Open Terminal.
- Go to the directory where JRE is installed (for example, /mnt/AdeptiaConnect/AdeptiaConnect-2.9/ConnectPortal/jre/bin)
Run the following Keytool command to create a Keystore for Jetty with a self signed certificate or CA signed certificate.
While executing the command, you will be prompted to provide other details. The default password is changeit. You can change the password. Note the Keystore password for future references.- Go to the location where Connect Portal is installed (/mnt/AdeptiaConnect/AdeptiaConnect-2.9/ConnectPortal). Create certs folder and copy the Keystore (certs.jks) in this folder.
- Go to …/<ConnectPortalInstallFolder>/conf and open server.xml in the Text Editor.
- Register the Keystore entry in the server.xml file and add the path of Keystore and Keystore password (password chosen while creating Keystore). Uncomment the following configuration section.
Provide the path of keystore:
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="5000" scheme="https" secure="true" compressionMinSize="128" connectionTimeout="20000" maxConnections="10000" clientAuth="false" sslProtocol="TLS" keystoreFile="/mnt/AdeptiaConnect/AdeptiaConnect-2.9/ConnectPortal/certs/certs.jks" keystoreType="JKS" keystorePass="XXXXXXXX" compression="on" noCompressionUserAgents="gozilla, traviata" compressableMimeType="text/html,text/xml,text/css,application/javascript,application/json" useSendfile="false" server="Adeptia" xpoweredby="false" clientauth="true"/>
If the keystore password contains any of following characters then it needs to be escaped with the value mentioned next to it.
CharacterValue" " ' ' < < > > & & For example, if the keystore password is p@ssw0rd&123! then it has to be defined as p@ssw0rd&123!
For better performance of Connect Portal, refer to Performance Tuning for tuning other parameters.- Save the file.
- Restart Connect Portal.
Automatic HTTP to HTTPS Redirection in Connect Portal
If you want to access Adeptia Connect on HTTPS only then you need to redirect HTTP to HTTPS automatically. To enable automatic redirect:
- Go to …/<ConnectPortalInstallFolder>/conf.
- Open web.xml file.
Uncomment the below security constraint within </web-app> and save the file.
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Context</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
Verifying Configuration
To verify whether you have configured SSL certificate in Adeptia Connect:
- Open the browser and hit the URL to access Adeptia Connect using https protocol.
- Adeptia Suite login page appears. Verify your certificate by checking https protocol color in the address bar. If you have used CA signed certificate then https protocol will be green in color () . However, if you have used self signed certificate then https protocol will be red in color ().
Next step