Switch from HTTP to HTTPS Mode Using a Secure HTTP Server Adapter

You can switch from HTTP to HTTPS mode by using a Secure HTTP Server adapter.

About this task

To switch from HTTP to HTTPS mode:

Procedure

  1. Create a new HTTP Server adapter instance with SSL enabled. You must configure the following parameters as specified:
    • User Authentication Required is set to No
    • Use SSL is set to Must
  2. Deploy admin.war to the HTTP Server adapter instance with SSL enabled. The URL to deploy the admin.war file must be specified as /dashboard.
    Note: The admin.war file must be picked up from the /install_dir/noapp/deploy directory when configuring the HTTP Server Adapter instance. Additionally, the context name of the admin web application must match the ADMIN_CONTEXT_PATH parameter in /install_dir/properties/sandbox.cfg file.

    The ADMIN_CONTEXT_PATH in sandbox.cfg is set to ws. This value should not be modified.

    For all the other web applications, the context name should be the name of the war file without the ".war" extension.

    This is necessary so that any changes made via a patch or hotfix are automatically reflected in the HTTP Server adapter deployment.

  3. Open the sandbox.cfg file and modify the following parameters: 
    WEBAPP_PROTOCOL=https
WEBAPP_LIST_PORT=<secure_http_server_adapter_port>
    These parameters are used by the GPM for communication with the server.
  4. (Optional, Recommended) If you want to turn off the deployment of the Dashboard and GPM Web applications on the base port, specify the following parameters in a customer_overrides.properties file: 
    noapp.SKIP_BASEPORT_DEPLOYMENT_WARS=
admin,gbm,myaft
noapp.HTTPS_REDIRECT_WARS=
admin,gbm,myaft
noapp.HTTPS_LIST_PORT=
<secure_http_server_adapter_port>
    For example: 
    
## Identifies the war files to be skipped during deployment on the base port.
## Use comma-separated list to specify multiple wars
noapp.SKIP_BASEPORT_DEPLOYMENT_WARS=admin,gbm,myaft
## Identifies wars for auto-redirect to the https port.
## Use comma-separated list to specify multiple wars
noapp.HTTPS_REDIRECT_WARS=admin,gbm,myaft
## Identifies the https port for the redirected wars.
## If specified, this should match the WEBAPP_LIST_PORT in sandbox.cfg
noapp.HTTPS_LIST_PORT=<secure_http_server_adapter_port>
  5. If you want to use a different certificate for this functionality, modify /install_dir/properties/customer_overrides.properties to add following line: noapp.sslCert={mention_name_of_your_own_cert}. If you do not specify a different certificate, the functionality uses ASISslCert.
  6. (Optional) If you want to send cookies from the browser using a secure protocol like HTTPS, navigate to /install_dir/properties and specify the following parameter in a customer_overrides.properties file: 
    ## sending cookies as secure over https
http.useSecureCookie=true
  7. Navigate to /install_dir/bin.
  8. Stop Sterling B2B Integrator.
  9. Apply the configuration changes. Enter ./setupfiles.sh.
  10. Deploy the new configuration. Enter ./deployer.sh.
  11. Start Sterling B2B Integrator.
  12. 11. Verify the Dashboard Web application is accessible via the HTTP Server adapter by accessing https://host: <secure_http_server_adapter_port>/dashboard.
  13. Verify the GPM Web application is accessible via the secure HTTP Server adapter by accessing https://host:<secure_http_server_adapter_port>/gbm/pmodeler/ProcessModeler.jnlp.
  14. Save and close the file.
  15. If you turned off the deployment of the Dashboard and GPM Web applications on the base port (Step 4), verify the following:
    • Dashboard Web application access on http://host:baseport/dashboard is redirected to https://host:<secure_http_server_adapter_port>/dashboard automatically.
    • GPM Web application access on http://host:baseport/gbm/pmodeler/ProcessModeler.jnlp is redirected to https://host:<secure_http_server_adapter_port>/gbm/pmodeler/ProcessModeler.jnlp automatically.