- Excel Desktop Client new !
Once cacerts has the self-signed certificate, and the key pair is stored in the keystore, the EASA Server can be configured to run HTTPS.
Two methods are detailed below:
After a key pair has been created and stored in easastore.jks and an SSL Certificate has been created and installed in cacerts, EASA can be configured to use Secure SSL mode following the steps below.
The two methods above produce cacerts and easastore.jks files in two possible locations, use the one that corresponds to your case.
Once the SSL key pair and certificate are in the expected locations, the last task is to configure the EASA Server to use HTTPS.
<servlet-mapping> <servlet-name>UserData</servlet-name> <url-pattern>/client/security/*</url-pattern> </servlet-mapping>
<Connector port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" scheme="https" secure="true" SSLEnabled="true" keystoreFile="./conf/easastore.jks" keystorePass="123123" acceptCount="100" debug="0" clientauth="false" sslProtocol="TLS" URIEncoding="UTF-8" />
Prior to installation, the EASAP Builder and Compute Server Config Tool (together historically known as the EASA Client) will look for a cacerts file in a folder called security\
After SSL has been configured and activated a customer may wish all plain http requests be redirected to encrypted https urls.
<security-constraint> <web-resource-collection> <web-resource-name>Protected Context</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <!-- auth-constraint goes here if you require authentication --> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>