You can use the node.conf.yaml and server.conf.yaml configuration
files to configure the port that is used to connect to the web user
interface, and to secure the connection.
About this task
The IBM App Connect Enterprise web user interface enables you to access integration
node or integration server resources by using a web browser, and it provides integration
administrators with a method of administering those resources. For more information about the web
user interface, see IBM App Connect Enterprise web user interface. To learn some basics about administering IBM App Connect Enterprise with the web user interface, see the tutorial "Getting started -
Exploring the Web UI" in the IBM App Connect
Enterprise Toolkit.
Procedure
- Open the node.conf.yaml or server.conf.yaml
configuration file for your integration node or server, by using a YAML editor.
You can edit the file by using the built-in YAML editor that is provided in the IBM App Connect
Enterprise Toolkit, either by double-clicking the file in the Application
Development view or by right-clicking the file and selecting . If you choose to edit the file by
using a plain text editor, ensure that you do not include any tab characters (which are not valid in
YAML) and use a YAML validation tool to validate the contents of your file.
Set the RestAdminListener properties, which control the settings
for the web user interface:
- Set the port property to the port to be used by the web user
interface and the IBM App Connect
Enterprise Toolkit. By default, this port is set to
4414.
- Optional:
If you want to secure the connection, set the following properties:
- Set
host: 'hostname'
Specify the
hostname where the integration node or integration server is running.
- If you want to use basic authentication for users who log in to the web user
interface, uncomment the following property:
- basicAuth: true
- Specify whether clients require a web username and password (true or
false).
You also need to create at least one username and password, by running the mqsiwebuseradmin command as described in the later step section
"Additional steps for security configuration".
- If you want to use SSL or TLS to secure the connection:
Set the following properties:
- sslCertificate
- Specify the path to a certificate store for use in securing the REST Administration port, which
is used by the Web User Interface and IBM App Connect
Enterprise Toolkit, in the form
/path/to/serverPKCS.p12.
If you are using a .pem
certificate, the sslCertificate is the full path to the server certificate
key.
If you are using .p12
or .pfx
certificate, the
sslCertificate is the full path to the server certificate store file.
-
The certificate store cannot be in JKS format, and hence must be a separate certificate store
from the certificate store that is used by the integration server for things such as HTTPS message
flow nodes.
- sslPassword
- Specify the server certificate password alias, in the form
adminRestApi::sslpwd
. If you are using a .pem
certificate, the
sslPassword is the full path to the server private key, which must be a
standard private key and not an encrypted one.
If you are using .p12
or
.pfx
certificate, the sslPassword is the passphrase or alias
to the passphrase of the certificate store.
You also need to set the password to be used for your server certificate, by running the
mqsisetdbparms command as described in the later step section
"Additional steps for security
configuration".
- If you want to use SSL client certificates (mutual authentication):
- requireClientCert
- Specify whether a certificate is to be requested from the client (true or false).
- caPath
- Specify the file path that contains certificate authority certificates; all files in this path
are read.
- If you want to view message flow statistics in the web user interface, you must also
enable the reporting of message flow statistics and accounting data, as described in Configuring the collection of message flow statistics by using a .yaml configuration file. The web user interface consumes message flow statistics and accounting data
in JSON format, which means that you must include json as one of the values in the
outputFormat property in the .conf.yaml configuration
file.
- If you want to view resource statistics in the web user interface, you must enable the
reporting of these statistics as described in Managing resource statistics collection.
- Save the .yaml file. The properties that you set in the .yaml file take effect when the
integration node or server is started. If you modify these properties again, you must also restart
the integration node or server.
- Restart the integration node or server for the changes to take effect.
Additional steps for security configuration:
- If you set
basicAuth: true
, create one or more usernames and passwords
that users must specify when they start the web user interface.
- If you set
sslCertificate
and sslPassword
to use SSL or
TLS to secure the connection.
In the
IBM App Connect Enterprise command console, use the
mqsisetdbparms command to set the password to be used for your server
certificate. For
example:
mqsisetdbparms -w c:\workdir\ACEServ1 -n adminRestApi::sslpwd -u dummy -p password
For more information about configuring use of SSL or TLS to secure the connection, see Configuring SSL or TLS for an integration node or server.
Results
You can now access the web user interface by opening a browser
and specifying the host and port that you configured in the .yaml configuration
file. For more information, see Accessing the web user interface.