Configuring the IBM App Connect Enterprise web user interface

You can use the node.conf.yaml and server.conf.yaml configuration files to configure the port that is used to connect to the web user interface, and to secure the connection.

Before you begin

Configure an integration node or server, by following the instructions described in Configuring an integration node by modifying the node.conf.yaml file or Configuring an integration server by modifying the server.conf.yaml file.

About this task

The IBM App Connect Enterprise web user interface enables you to access integration node or integration server resources by using a web browser, and it provides integration administrators with a method of administering those resources. For more information about the web user interface, see IBM App Connect Enterprise web user interface. To learn some basics about administering IBM App Connect Enterprise with the web user interface, see the tutorial "Getting started - Exploring the Web UI" in the IBM App Connect Enterprise Toolkit.

Procedure

  1. Open the node.conf.yaml or server.conf.yaml configuration file for your integration node or server, by using a YAML editor.

    You can edit the file by using the built-in YAML editor that is provided in the IBM App Connect Enterprise Toolkit, either by double-clicking the file in the Application Development view or by right-clicking the file and selecting Open with > YAML editor. If you choose to edit the file by using a plain text editor, ensure that you do not include any tab characters (which are not valid in YAML) and use a YAML validation tool to validate the contents of your file.

Set the RestAdminListener properties, which control the settings for the web user interface:

  1. Set the port property to the port to be used by the web user interface and the IBM App Connect Enterprise Toolkit. By default, this port is set to 4414.
  2. Optional: If you want to secure the connection, set the following properties:
    1. Set host: 'hostname'
      Specify the hostname where the integration node or integration server is running.
    2. If you want to use basic authentication for users who log in to the web user interface, uncomment the following property:
      basicAuth: true
      Specify whether clients require a web username and password (true or false).

      You also need to create at least one username and password, by running the mqsiwebuseradmin command as described in the later step section "Additional steps for security configuration".

    3. If you want to use SSL or TLS to secure the connection:
      Set the following properties:
      sslCertificate
      Specify the path to a certificate store for use in securing the REST Administration port, which is used by the Web User Interface and IBM App Connect Enterprise Toolkit, in the form /path/to/serverPKCS.p12.

      If you are using a .pem certificate, the sslCertificate is the full path to the server certificate key.

      If you are using .p12 or .pfx certificate, the sslCertificate is the full path to the server certificate store file.

      The certificate store cannot be in JKS format, and hence must be a separate certificate store from the certificate store that is used by the integration server for things such as HTTPS message flow nodes.

      sslPassword
      Specify the server certificate password alias, in the form adminRestApi::sslpwd.

      If you are using a .pem certificate, the sslPassword is the full path to the server private key, which must be a standard private key and not an encrypted one.

      If you are using .p12 or .pfx certificate, the sslPassword is the passphrase or alias to the passphrase of the certificate store.

      You also need to set the password to be used for your server certificate, by running the mqsisetdbparms command as described in the later step section "Additional steps for security configuration".

    4. If you want to use SSL client certificates (mutual authentication):
      requireClientCert
      Specify whether a certificate is to be requested from the client (true or false).
      caPath
      Specify the file path that contains certificate authority certificates; all files in this path are read.
  3. If you want to view message flow statistics in the web user interface, you must also enable the reporting of message flow statistics and accounting data, as described in Configuring the collection of message flow statistics by using a .yaml configuration file. The web user interface consumes message flow statistics and accounting data in JSON format, which means that you must include json as one of the values in the outputFormat property in the .conf.yaml configuration file.
  4. If you want to view resource statistics in the web user interface, you must enable the reporting of these statistics as described in Managing resource statistics collection.
  5. Save the .yaml file. The properties that you set in the .yaml file take effect when the integration node or server is started. If you modify these properties again, you must also restart the integration node or server.
  6. Restart the integration node or server for the changes to take effect.

Additional steps for security configuration:

  1. If you set basicAuth: true, create one or more usernames and passwords that users must specify when they start the web user interface.
    In the IBM App Connect Enterprise command console, create a username and password by issuing the mqsiwebuseradmin command. For example:
    mqsiwebuseradmin -w c:\workdir\ACEServ1 -u admin -a password -c

    For more information about configuring basic authentication, see Configuring HTTP basic authentication for an integration node or server.

  2. If you set sslCertificate and sslPassword to use SSL or TLS to secure the connection.
    In the IBM App Connect Enterprise command console, use the mqsisetdbparms command to set the password to be used for your server certificate. For example:
    mqsisetdbparms -w c:\workdir\ACEServ1 -n adminRestApi::sslpwd -u dummy -p password 

    For more information about configuring use of SSL or TLS to secure the connection, see Configuring SSL or TLS for an integration node or server.

Results

You can now access the web user interface by opening a browser and specifying the host and port that you configured in the .yaml configuration file. For more information, see Accessing the web user interface.