When you enable SSL, a server certificate is added to the Directory Services server (for authentication). In addition, the CA certificate is added in two different locations on the Content Platform Engine server (the JDK path location is for authorization). Take care to ensure that the proper certificate is added to each of the three locations.
To enable SSL for Content Platform Engine:
-Djavax.net.ssl.trustStore=path_to_your_keystore_file
-Djavax.net.ssl.trustStorePassword=password_of_your_keystore
Option | Description |
---|---|
WebSphere® Application Server | Configure an SSL repertoire. In the left pane of the WebSphere administrative console, navigate to Security > SSL. In the right pane, select your Java Secure Socket Extension (JSSE) repertoire and specify key and trust file names and passwords. |
Oracle WebLogic Server | Set up a custom identity keystore. In the left pane of the WebLogic Administration Console, navigate to DomainName > Servers > ServerName. In the right pane, select Keystores and SSL and specify the keystore information. |
JBoss Application Server | See your application server documentation. |
Protocol | SSL | Default Port | App Server | Sample URL |
---|---|---|---|---|
HTTP | no | 9080 | WebSphere Application Server | http://mycorp.com:9080/wsi/FNCEWS40MTOM/ |
HTTPS | yes | 9443 | WebSphere Application Server | https://mycorp.com:9443/wsi/FNCEWS40MTOM/ |
IIOP | no | 2809 | WebSphere Application Server | iiop://mycorp.com:2809/FileNetEngine |
IIOP | yes | 2809 | WebSphere Application Server | iiop://mycorp.com:2809/FileNetEngine (default). While the default port for IIOP with SSL is port 9403, use port 2809. The web application server resolves the SSL port number correctly. |
HTTP | no | 7001 | WebLogic Server | http://mycorp.com:7001/wsi/FNCEWS40MTOM/ |
HTTPS | yes | 7002 | WebLogic Server | https://mycorp.com:7002/wsi/FNCEWS40MTOM/ |
T3 (IIOP) | no | 7001 | WebLogic Server | t3://mycorp.com:7001/FileNet/Engine |
T3S (IIOP) | yes | 7002 | WebLogic Server | t3s://mycorp.com:7002/FileNet/Engine |
HTTP | no | 8080 | JBoss Application Server | http://mycorp.com:8080/wsi/FNCEWS40MTOM/ |
HTTPS | yes | 8443 | JBoss Application Server | https://mycorp.com:8443/wsi/FNCEWS40MTOM/ |
JNP | no | 1099 | JBoss Application Server | jnp://mycorp.com:1099/FileNet/Engine |
The port values in the table are default values. If you change the port that your application server listens on, you might need to change the port number used by the Content Platform Engine client.
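
One way to confirm that the same CA certificate ended up in both Content Platform Engine trust locations mentioned at the top of this page is to compare certificate fingerprints across the two trust stores. The following is an added example, not IBM code: the class name `TrustStoreCompare` is hypothetical, the two trust store paths are supplied by you, and the store type is taken from the standard `javax.net.ssl.trustStoreType` property when it is set.

```java
import java.io.*;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.*;

// Added example; TrustStoreCompare is a hypothetical name, not an IBM tool.
// Usage: java TrustStoreCompare <trust_store_1> <trust_store_2>
public class TrustStoreCompare {
    // Returns SHA-256 fingerprint -> "subject (expires ...)" for each X.509 certificate in the store.
    static Map<String, String> fingerprints(String path, char[] password) throws Exception {
        // Assumption: the store type is the JSSE property value or, if unset, the JVM default type.
        String type = System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
        KeyStore store = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(path)) {
            store.load(in, password);
        }
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        Map<String, String> found = new TreeMap<>();
        for (String alias : Collections.list(store.aliases())) {
            Certificate cert = store.getCertificate(alias);
            if (!(cert instanceof X509Certificate)) continue;
            X509Certificate x509 = (X509Certificate) cert;
            StringBuilder hex = new StringBuilder();
            for (byte b : sha256.digest(x509.getEncoded())) hex.append(String.format("%02x", b));
            found.put(hex.toString(), x509.getSubjectX500Principal().getName()
                    + " (expires " + x509.getNotAfter() + ")");
        }
        return found;
    }

    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (args.length != 2 || console == null) {
            System.err.println("usage (from a terminal): java TrustStoreCompare <store1> <store2>");
            System.exit(2);
        }
        // Prompt for the passwords so they do not appear in the process list or shell history.
        Map<String, String> first = fingerprints(args[0], console.readPassword("Password for %s: ", args[0]));
        Map<String, String> second = fingerprints(args[1], console.readPassword("Password for %s: ", args[1]));
        first.keySet().retainAll(second.keySet()); // keep only certificates present in both stores
        for (Map.Entry<String, String> e : first.entrySet())
            System.out.println("in both stores: " + e.getKey() + "  " + e.getValue());
        if (first.isEmpty()) System.out.println("no certificate is common to both stores");
        System.exit(first.isEmpty() ? 1 : 0);
    }
}
```

An exit status of 1 means the two stores share no certificate, which is the case to investigate before pointing clients at the SSL ports in the table above.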