Configuring SSL for ObjectServer user authentication

ObjectServer user authentication can be configured to use SSL by completing the following steps.

1. Complete step 1 in Enabling SSL communication with the ObjectServer to configure Netcool/OMNIbus for SSL communication.
2. Copy the self-signed certificate from the ObjectServer server to all Impact Servers and GUI Servers.
3. Enter the commands to import the certificate into the Impact Server and GUI Server truststores. For more information about the import commands, see Enabling SSL connections with external servers.
4. Update the $IMPACT_HOME/install/security/impactncos.properties file.
   1. Enter the ObjectServer information.
   2. Ensure that the correct port for SSL is used.
   3. Set the NCOSSSLEnabled property to true.
5. In $IMPACT_HOME/install/security, run the confAuth4OMNIbus script, then enter the enable command.
   Note: By default, SSL connections from Netcool/Impact to the ObjectServer use the most secure protocol supported by the ObjectServer. However, you can use any version of the TLS protocol. If you want to restrict which protocols are enabled by Impact for SSL connections to the ObjectServer, you can add a property to the <ServerName>_server.props file (where <ServerName> is the name of the Impact Server instance) called impact.server.objectserversecureprotocols. For this property, specify a comma-separated list of allowed protocols, for example TLSv1.1,TLSv1.2 or just TLSv1.2.