How to enable encryption (https) on all CySight screens
Posted: Tue Nov 24, 2009 1:50 pm
Here are three easy steps to enable encryption (https) on the CySight web portal.
1. Generate a self signed key and store it to the keystore file defined.
Windows
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA -keystore \path\to\my\keystore
Unix:
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /path/to/my/keystore
Windows Example
C:\Program Files\Java\jre6>bin\keytool -genkey -alias tomcat -keyalg RSA -keystore c:\tomcatkeystore
Enter keystore password: [pass1234]
Re-enter new password: [pass1234]
What is your first and last name?
[Unknown]: Boris
What is the name of your organizational unit?
[Unknown]: Research and Development
What is the name of your organization?
[Unknown]: cysight
What is the name of your City or Locality?
[Unknown]: Oakland
What is the name of your State or Province?
[Unknown]: NJ
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Boris, OU=Research and Development, O=cysight, L=Oakland, ST=New Jersey, C=US correct?
[no]: yes
Enter key password for <tomcat>
(RETURN if same as keystore password):[Return]
2. Open the comment for https in Tomcat conf\server.xml and add "keystoreFile" and "keystorePass"
Example
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="c:\tomcatkeystore"
keystorePass="pass1234" />
3. Open FireWall to allow 8443 port.
For advanced user to refer to http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html
1. Generate a self signed key and store it to the keystore file defined.
Windows
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA -keystore \path\to\my\keystore
Unix:
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /path/to/my/keystore
Windows Example
C:\Program Files\Java\jre6>bin\keytool -genkey -alias tomcat -keyalg RSA -keystore c:\tomcatkeystore
Enter keystore password: [pass1234]
Re-enter new password: [pass1234]
What is your first and last name?
[Unknown]: Boris
What is the name of your organizational unit?
[Unknown]: Research and Development
What is the name of your organization?
[Unknown]: cysight
What is the name of your City or Locality?
[Unknown]: Oakland
What is the name of your State or Province?
[Unknown]: NJ
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Boris, OU=Research and Development, O=cysight, L=Oakland, ST=New Jersey, C=US correct?
[no]: yes
Enter key password for <tomcat>
(RETURN if same as keystore password):[Return]
2. Open the comment for https in Tomcat conf\server.xml and add "keystoreFile" and "keystorePass"
Example
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="c:\tomcatkeystore"
keystorePass="pass1234" />
3. Open FireWall to allow 8443 port.
For advanced user to refer to http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html