What I want to do is deploy a simple web application on WebSphere CE and make it work through SSL ? I generated a key and deployed an application but it works only through HTTP and doesn't work through SSL. How to enable SSL ? Please point me to the right direction..
SSL service is listening on different port. Check servers -> application servers -> your server -> ports -> details, or something similar. You can also find these ports from a file called serverindex.xml from inside the profile directory.
Related
In Weblogic, I have more than one Machines created using Node Manager. We have been told to setup SSL implementation for our Application which is deployed across created machines in a single Weblogic Admin Console.
So for the Application we had configured certificate using .jks file and configured SSL listen port by enabling it.
However we have been told to secure Node Manager machines in which application are deployed across as well. While enabling Node Manager type to SSL instead of Plain I am getting SSLException. By the fact we no need to secure Machines which were created using Node Manager, only securing Application is sufficient. Is am I right. Else is it required to Secure Machines -> Node Manager as well.
When I am turning SSL in Machines -> Node Manager, what are the things I have to consider to avoid SSLException. Is the Weblogic restart required If configure this or so. For now I do not have UNIX access, hence I couldn't do that at this moment.
Please advise on this situation. Without securing Machines -> Node Manager I am able run the application. But not able to access it using https. Only http for the Application is working.
Please advise on the situation.
SSL for node manager is optional as there's no application related sensitive data that flows in this layer.
You mention even after configuring jks you can't get the server and hence the application listening on https. Could you elaborate what steps did you follow. Note this has nothing to do with node manager
We are trying to setup the Worklight Server for production, which is behind a reverse proxy that will help manage the SSL certificate.
What this means is that, when the user hit the domain, say https://mydomain.com:443, the proxy will automatically forward the request to the Worklight Server on port 9080.
After the setup is done for the reverse proxy following this guide, the installers.html page is working well. However we notice that when we try to access the console using https://mydomain.com:443/appcenterconsole, the user gets redirect to http://mydomain.com:9080/appcenterconsole/console.html instead and this is causing problem.
I searched around and found this link Worklight Console redirects to port 9080, which is similar to the problem i'm having. Is there a way for me to configure the Websphere Liberty Profile so that it will use the reverse proxy URL as the redirection URL?
I notice also that the index.html file in the appcenterconsole.war is using the meta refresh method to do the redirection. I'm tempted to change it to use a full URL, but then i also notice that the same issue happens when we go to the login.html and perform login. (Whereby after login, the page redirects the user with the 9080 port as well).
Any pointers or idea are welcomes. The Worklight version used is 6.1.
Thank you.
EDIT
The network setup in my environment:
Proxy Gateway (with SSL cert) configured to connect to Worklight Server for port 9080 whenever a connection with port 80 or 443 is received. Therefore:
https://mydomain.com:443/appcenterconsole -> will be mapped to http://worklightserver:9080/appcenterconsole
The mapping is done internally between the proxy and the worklight server.
When we type the full URL on the browser, ie. https://mydomain.com:443/appcenterconsole/console.html after i login, the console works fine.
Have you set up the JNDI entries detailed here?
http://pic.dhe.ibm.com/infocenter/wrklight/v6r1m0/index.jsp?topic=%2Fcom.ibm.worklight.installconfig.doc%2Fappcenter%2Fr_ac_appres_endpoint.html
I have WCf service hosted in windows service.
I would want to know how would i make service accessible only through SSL and use certificate provided by certificate issuer(Godaddy,verisign etc).
If you created a WCF-Service you'll be forced to use an Windows IIS Server to host your application. When using an IIS, you can specify the Port and an SSL-Certificate.
To do this, just
add a new Website to your IIS. Make sure, you are using an application pool that supports .NET Framework 4.0.
copy your compiled WCF-Service and all references/files that your services needs to the associated IIS-Site-Folder
Configure the Bindings of this IIS Page. You need an imported SSL-Certificate at this point. If you already imported it, you can choose it from a ListBox within the Bindings-Dialog.
Within that dialog, you can specify the port
Make sure you've opened that port on your firewall
If you delete other bindings (meaning all HTTP Bindings), you can make sure that your service is only reachable through SSL and your specific port.
If you need cheap, good and multidomain/wildcard certificates, please check out StartSSL. In my opinion, they serve you the best.
You can find more information about IIS Configuration here.
I have a IBM HTTP Web Server setup as a reverse proxy for a WebSphere application server. We use Oracle Access Manager for user authentication. There is also a Oracle Webgate running on the IHS server to intercept the requests and check them against the Oracle policy.
I can see the authentication going through and Oracle passes back the value needed in an HTTP Header, OAM_REMOTE_USER. The problem is, at some point in the process, that header is not passed on to the WebSphere Application Server.
The Oracle Webgate is monitoring port 8443, but I am not understanding if that means for the Web Server or the App Server since both are on the same physical machine and have the same server name. If I just create a virtual host on the Web Server for 8443 and do not create the port on the App Server, the headers are going through correctly. The problem with this is that I have to use PreserveProxyHeader for the request to go through the WebGate 8443 port, so after authentication it comes back looking for my Application on port 8443, which does not exist on the Web Server. The only way it can find my application on port 8443 is if I also add a port on the App server for that port, which contains the application.
I guess the main thing I am struggling to understand is if I need to define the port Webgate monitors on the HTTP Server and App Server, or if it should only be on the HTTP Server side. It seems like no matter what I do, at some point the request gets redirected from the HTTP Server to the App Server and strips out any OAM HTTP headers that were there. I've managed to prevent them from dropping by removing the 8443 port from the app server, but now my app cannot be mapped to.
This is WebSphere App Server 8.0 and IBM HTTP Server 8.0.0.5.
In the administrative console, click Servers > Server Types > Web servers > web_server_name > Plug-in properties > Request routing. Disable "Remove special headers". Regenerate your plugin configuration XML, and redistribute it.
I'm trying to connect to my Meteor project via SSL/TLS.
Therefore I did the following:
meteor add force-ssl
in the meteor folder.
Then I start the programm with 'meteor'.
Everything is running fine on localhost, but if I want to connect to the server with giving the IP and Port over http, I get redirected to a https connection with the same IP and an 'Unable to connect message'.
Note: I created a certificate on my own an put it into the Meteor/server folder.
Does anyone know my mistake?
If you need to enable SSL support for your Meteor app deployed with Meteor Up. Now it has the support for SSL. You just need to tell where the SSL certificate and the key are.
If you are not familiar with the process of generating a SSL certificate, follow this guide.
Disclaimer: I'm the author of Meteor Up.
You can't just put the certificate inside Meteor/server folder. You will need a web server to proxy the request and configure that server with your certificate (Docs also say that, search for force-ssl: http://docs.meteor.com/)
I recommend you to put an nginx instance as the proxy. Here an example of how to do it: http://www.digicert.com/ssl-certificate-installation-nginx.htm