How to enabling SSL Authentication for Hawk WebConsole
Article ID: KB0084168
Updated On:
| Products | Versions |
|---|---|
| TIBCO Hawk | 5.x |
Description
The WebConsole is hosted inside the Tomcat web container, thus, enable SSL for the Tomcat Web container to enable SSL for WebConsole. Follow the steps mentioned in the Tomcat documentation at the following URL to configure SSL in the Tomcat Web container:
https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
Issue/Introduction
How to enabling SSL Authentication for Hawk WebConsole
Environment
All
Resolution
Alternatively, you can also follow these steps to quickly enable SSL over HTTP for the Tomcat Web container:
1). Open the command prompt and navigate to the JDK Installation folder, or you can navigate to <tibcojre_home>.
2). Run the following command to create a keystore file to store the server's private key and self-signed certificate:
3). When prompted, specify the password string, for example, "hawkwebconsole". The password can be any string. The same password needs to be specified in the server.xml configuration file (see step 6).
4). When prompted, specify general information about the certificate such as company, contact name and so on. This information helps users to validate the authenticity of the certificate as this information is displayed to users who attempt to access a secure page in your application.
The .keystore file with the Certificate is created in the same JDK installation folder.
5). Browse to the configuration folder of the Hawk WebConsole and open the file server.xml for editing.
6). Enter the following information under the Catalina service tag <Service name="Catalina">:
7). Save the file and restart Hawk WebConsole.
To verify, type the URL "https://localhost:8443/hawkwebconsole/" in a web browser and press Enter. Web browser should display Hawk WebConsole.
1). Open the command prompt and navigate to the JDK Installation folder, or you can navigate to <tibcojre_home>.
2). Run the following command to create a keystore file to store the server's private key and self-signed certificate:
JAVA_HOME\bin\keytool -genkey -alias tomcat -keyalg RSA
3). When prompted, specify the password string, for example, "hawkwebconsole". The password can be any string. The same password needs to be specified in the server.xml configuration file (see step 6).
4). When prompted, specify general information about the certificate such as company, contact name and so on. This information helps users to validate the authenticity of the certificate as this information is displayed to users who attempt to access a secure page in your application.
The .keystore file with the Certificate is created in the same JDK installation folder.
5). Browse to the configuration folder of the Hawk WebConsole and open the file server.xml for editing.
HAWK_HOME/webconsole/tomcat/conf/server.xml
6). Enter the following information under the Catalina service tag <Service name="Catalina">:
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="<path of .keystore file>"
keystorePass="hawkwebconsole"
clientAuth="false" sslProtocol="TLS"/>
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="<path of .keystore file>"
keystorePass="hawkwebconsole"
clientAuth="false" sslProtocol="TLS"/>
7). Save the file and restart Hawk WebConsole.
To verify, type the URL "https://localhost:8443/hawkwebconsole/" in a web browser and press Enter. Web browser should display Hawk WebConsole.
Additional Information
Hawk documentation.
TIBCO Hawk -> Installation, Configuration, and Administration Guide -> Chapter 2 Configuring TIBCO Hawk Components -> Configuring Hawk WebConsole -> Basic Configurations
TIBCO Hawk -> Installation, Configuration, and Administration Guide -> Chapter 2 Configuring TIBCO Hawk Components -> Configuring Hawk WebConsole -> Basic Configurations
Feedback
Yes
No
Powered by
