Versions Compared

Old Version 1

changes.mady.by.user Nicolás Palombo

Saved on

compared with

New Version Current

changes.mady.by.user Nicolás Palombo

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

Configuring O3 Portal through SSL (https)

...

Note

IMPORTANTE

    Bajar el servidor Jboss

 Procedimiento 

...

titleImportant

Make sure that the O3 Server (JBoss) is not running

  1. Locate folder <O3>/jboss/server/default/deploy/jbossweb-tomcat55.sar
  2. Editar el archivo Edit file server.xml
  3. Ubicar la siguiente sección Locate the following section
    Code Block
    xml
    xml
    <Connector port="8080" address="$\{jboss.bind.address}"
 maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
 emptySessionPath="true"
 enableLookups="false" redirectPort="8443" acceptCount="100"
 connectionTimeout="20000" disableUploadTimeout="true"/>
  4. Comentar el tag de modo que quede de la siguiente formaComment this section so that is looks as follows:
    Code Block
    xml
    xml
    <\!--  <Connector port="8080" address="$\{jboss.bind.address}"
 maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
 emptySessionPath="true"
 enableLookups="false" redirectPort="8443" acceptCount="100"
 connectionTimeout="20000" disableUploadTimeout="true"/> \-->

    (warning) Nota
    Si se utiliza CAS, debe saltearse este paso.
    Es necesario este conector para realizar la validación de cas.

    Ubicar la siguiente sección

    Note
    If using CAS, this step must be skipped.
    This connector is required for CAS validation.

  5. Locate the following section
    Code Block
    xml
    xml
    <\!-- <Connector port="8443" address="$\{jboss.bind.address}"
 maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
 emptySessionPath="true"
 scheme="https" secure="true" clientAuth="false"
 keystoreFile="$\{jboss.server.home.dir}/conf/llave_1.keystore"
 keystorePass="rmi+ssl" sslProtocol = "TLS" /> \-->
  6. Descomentarla de modo que quede de la siguiente formaUncomment it so that it looks as follows:
    Code Block
    xml
    xml
    <Connector port="8443" address="$\{jboss.bind.address}"
 maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
 emptySessionPath="true"
 scheme="https" secure="true" clientAuth="false"
 keystoreFile="$\{jboss.server.home.dir}/conf/<nombre_llave>.keystore"
 keystorePass="rmi+ssl" sslProtocol = "TLS" />

    <nombre_llave>.keystore

    Es el nombre del archivo de claves

    Para generarlo ejecutar en una terminal

    Corresponds to the name of the key store

    To generate it execute the following command from a command line:
    Code Block
    EnOn Windows
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA -keystore <O3>\jboss\server\default\conf\nombre_llave.keystore
EnOn Linux
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore <O3>/jboss/server/default/conf/nombre_llave.keystore
    La primer clave que se solicita debe indicarse When prompted for the first key, indicate rmi+ssl, luego se llenan los datos como corresponda
    Para la última clave que se solicita se presionar la tecla ENTERAgregar en la válvula de CAS (CASSingleSignOnValve) el atributo casValidate, cuyo valor debe ser then enter data as requested
    For the last key just press the ENTER key.
  7. Add the attribute casValidate to the CAS Valve (CASSingleSignOnValve), with value "http://<host>:<puerto><port>/cas/proxyValidate", o sea la uri de cas NO HTTPS.
  8. Sustituir <host> y <puerto>, teniendo en cuenta que el puerto es el de HTTP, no el de HTTPS.
  9. Reiniciar el jbossnotice that it is not https.
  10. Replace <host> and <port>. Bear in mind that port is that of HTTP, not HTTPS.
  11. Start JBoss