Configuring erwin DIS on HTTPS
By default, HTTPS / SSL is not configured and enabled in Tomcat Web server. SSL setup is required to
make erwin DIS accessible over HTTPS protocol.
This document will help you through on how to configure SSL on Tomcat and access the erwin DIS
application with SSL.
Pre-requisites
✓ Java – Oracle JRE 8u192 or Open JDK 8
✓ Tomcat – v8.0.39 or v8.5.35/41
The set up consists in four basic steps:
The keys Tomcat use for SSL transactions are stored in a password-protected file called "Keystore."
A program called “Keytool” which is included with your JDK, will do the actual work of creating your new keystore.
Execute the following command as below: (Use an [alias] and [path] of your choice)
Command: C:\Program Files\AdoptOpenJDK\jdk-8.0.212.03-hotspot\bin>keytool -genkey -
alias mycert -keyalg RSA -keystore D:\erwinDGkeystore.jks
When you type the above command, it will ask you to enter password and few security
questions. (Password should be minimum of 6 characters).
On submission of the above mentioned questions, system will create a Keystore file (e.g.:
mycert.jks) in the specified path (D :\)
Configuring Tomcat to use the Keystore
• Open <tomcat-installation-directory>/conf/server.xml in a text editor.
• Search for "Define a SSL HTTP/1.1 Connector on port 8443". By default, the Connector
configuration will be commented in the file.
• And, add the following contents in the snapshot attached to configure for the HTTPS setup
NOTE: Enter the Keystore file path and Key store password in the server.xml file and save it.
Uncomment and modify the changes as below and restart the tomcat.
After Changes
NOTE: Change the port number of Connector port and redirect port to 443 if you don’t want to see
the port number while accessing the AMM URL, else you can go with the default port 8443 in the
server.xml file.
Check SSL / HTTPS setup
a) Start the Tomcat server. Otherwise restart if already started.
b) Open https://localhost in browser.
To make erwin DIS work with SSL, Open the web.xml file and add the following code in the end of the
web.mxl file (before </web-app> tag ends) and restart tomcat.
NOTE: Enter the resource name i.e., the AMM application name (in this example we have used
erwinDISuite (<web-resource-name>erwinDISuite</web-resource-name>)
Path for web.xml: <Tomcat-installation-directory>/webapps/MappingManager/WEB-INF/web.xml
The URL pattern is set to /* so any page from erwin DIS is secure (it can be only accessed with https). The transport-guarantee tag is set to CONFIDENTIAL to make sure erwin DIS will work on SSL.
If you want to turn off the SSL, you don’t need to delete the code above from web.xml, simply change
CONFIDENTIAL to NONE.
Finally, open https://localhost/APP_NAME in web browser and make sure erwin DIS is working via
https.
NOTE: In the URL you are seeing the red line or the “not secure” against https because we do not
have a valid certificate. If you apply valid certificate this will be resolved.
© ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책 Cookie Preference Center