Changing to insecure HTTP communication between Process Center and Process Server

If you configured your IBM® Business Process Manager environment using V8.5.5 or later, HTTPS is set as the default for communication between the Process Center and the Process Server in both Typical and Custom installations. Follow the procedure below to configure your environment to use insecure HTTP.

Before you begin

This task uses the setBPMVirtualHost command, which is run using the AdminTask object of the wsadmin scripting client. To run the command, the following prerequisites must be met:

The command must be run on the deployment manager node.
If the deployment manager is stopped, use the wsadmin -conntype none option to run the command in disconnected mode.
If the deployment manager is running, you must connect with a user ID that has WebSphere Application Server configurator privileges. Do not use the wsadmin -conntype none option.

Start the wsadmin scripting client from the deployment_manager_profile/bin directory. The setBPMVirtualHost command does not write to a log file, but the wsadmin scripting client always writes a profile_root/logs/wsadmin.traceout log file where you will find exception stack traces and other information.

About this task

Typical installation uses HTTPS in both directions by default.
Custom installation uses HTTPS by default for the connection from Process Center to Process Server. The connection between Process Server and Process Center uses the bpm.de.psProcessCenterTransportProtocol setting in the BPMConfig properties file, which is set to HTTPS in the sample properties file. See Configuration properties for the BPMConfig command.

Procedure

To change to HTTP for the connection from Process Server to Process Center, update processCenterUrl and processCenterInternalUrl configuration properties to point to an insecure HTTP endpoint of Process Center. See Using wsadmin commands to customize the Process Server settings used to connect to Process Center.
To change to HTTP for the connection from Process Center to Process Server, select one of the following options to change the configuration on the Process Server. For more information see Configuring endpoints to match your topology. Also, for strategies in the com.ibm.bpm.endpoint.impl.strategies default package, the package name can be omitted in the configuration.
- Use an IBM BPM virtual host reference to the HTTP port of the Process Server web server. The following example assumes a deployment environment name of De1, which can be omitted if there is only one deployment environment in the WebSphere cell:
```
AdminTask.setBPMVirtualHost( [ '-de', 'De1', '-name', 'ps_insecure_ihs', 
'-transportProtocol', 'http', '-hostname', 'psihshostname.domain.com' ] )
AdminTask.setBPMEndpoint( [ '-scenario', 'HEARTBEAT_DESIGNATED_DEPLOYMENT_ENDPOINT', 
'-strategies', 'WCCMConfigStrategy', '-virtualHost', 'ps_insecure_vh' ] )
AdminConfig.save()
```
- Use an IBM BPM virtual host reference to the HTTP port of the web container of the Process Server for a single cluster member. You can use the same sample script as above, but use the host and port information of a Process Server cluster member's web container, such as 9080.
- Use the com.ibm.bpm.endpoint.impl.strategies.CurrentJVMInsecureStrategy strategy attribute. For example:
```
wsadmin -lang jython -conntype none -c "AdminTask.setBPMEndpoint( [ '-de', 'De1', '-scenario', 
'HEARTBEAT_DESIGNATED_DEPLOYMENT_ENDPOINT', '-strategies','CurrentJVMInsecureStrategy' ] )
```
  Note: The syntax of the command must be specified on a single input line. If there is only one deployment environment in the WebSphere cell, you can omit the -de parameter.