Absent Member.. Yashwanth_Rao Absent Member..
Absent Member..
411 views

(SM) Support tip: How to get HPSM web client on HTTPS?

The configuration of accessing HP SM web client on https is particularly done at the tomcat side configuration for SSL and not SM side configuration. For https, there is no need to create a SSL between SM server and tomcat, instead there has to configure a secure connection between web browsers – used by end users – and HP Service Manager web tier on the web server “Apache Tomcat” using https protocol you can do the following steps in a simple way:

 

  1. Creating a Keystore file using Java:

 

 Open cmd and go to the bin folder of your JVM – you can get the path from the Tomcat configure wizard as follows:

 Run the following command

 

 keytool -genkey -alias tomcat -keyalg RSA

 

Enter a password for the keystore file – here it is "password"

Optionally, you can enter the following fields for org unit, org, Cite, State, Country Code then yes before finally entering the same password again.

 

 Now a keystore file should be created on your user home directory. On Windows in this example, it will be on:

 

“C:\Users\username\.keystore”

 

 

 2. Configure Apache Tomcat web server to connect using secure protocol https – Apache 7 is used in this example:

 

Open “server.xml” file from this path “C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\conf”.

Go to this part in the file:

 

 

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"

maxThreads="150" scheme="https" secure="true"

clientAuth="false" sslProtocol="TLS" />

 

Uncomment the above part and modify it to be as follows:

  

 

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false"

disableUploadTimeout="true" enableLookups="false" maxThreads="25"

port="8443" keystoreFile="C:\Users\Administrator\.keystore" keystorePass="password"

protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"

secure="true" sslProtocol="TLS" />

 

Note that you should change the keystore path and password

Save the file and exit

 

 

3. Configure SM web tier to connect using https protocol

 

Open “web.xml” file from this path

 

“C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\webapps\hpsm\WEB-INF”

 

Search for “securelogin” parameter and change it from false to true.

 

And now finally you can access HP Service Manaegr through https protocol in secure way using the following path https://yourSMAppServer:8443/SMwebtier/index.do

 

Labels (1)
Tags (2)
1 Reply
Honored Contributor.. NeoJax Honored Contributor..
Honored Contributor..

Re: (SM) Support tip: How to get HPSM web client on HTTPS?

Hi Yaswanth,

 

Thanks for sharing good KM for making url HTTPS.

 

I tried & url was converted into HTTPS, but there is a concern:

 

 

Is there any way by whihc we can encrypt the password, mentioned in server.xml file, since it lead to vulnerability & security lapses.

 

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false"

disableUploadTimeout="true" enableLookups="false" maxThreads="25"

port="8443" keystoreFile="C:\Users\Administrator\.keystore" keystorePass="password"

protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"

secure="true" sslProtocol="TLS" />

 

 

Thanks

Neo

 

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.