CentraSite 10.11 | CentraSite Administrator’s Guide | CentraSite Command Line Tools | Configuring CentraSiteCommand to Use SSL
 
Configuring CentraSiteCommand to Use SSL
Pre-requisites:
To configure CentraSiteCommand tool to use SSL, you must have the CentraSite Administrator role.
You can configure CentraSiteCommand tool to communicate with CentraSite Application Server Tier through secure HTTP (HTTPS) connection. When configuring CentraSiteCommand tool to use HTTPS with Secure Sockets Layer (SSL), the necessary keystores and truststores must be set in order to access the required security databases and certificates. The truststore should contain a certificate that is accepted by the Tomcat. A list of certificates that are accepted by Software AG Runtime is defined by the keystore entries in the <SoftwareAG_directory>/profiles/CTP/configuration/​com.softwareag.platform.config.propsloader/com.soeag.catalina.connector.https.pid-CentraSite.properties file.
*To configure CentraSiteCommand to use SSL
1. Using KeyStore Explorer, open the Tomcat keystore. The default keystore is localhost_dont_use_in_production.jks located at <Software AG_directory>/profiles/CTP/configuration/tomcat/conf/localhost_dont_use_in_production.jks.
When prompted for a password, use the default password (change_this_password) for keystores.
2. Right-click on the keypair, and choose Export > Export Certificate Chain.
3. Export the full certificate chain into the Software AG_directory:
<Software AG_directory>/profiles/CTP/configuration/tomcat/conf/centrasite.cer
4. Create a keystore in JKS format to use for SSL.
5. Choose Tools > Import Trusted Certificate to add the exported certificate to the keystore.
6. Select and import the self-signed certificate (centrasite.cer) into the new keystore (centrasitekeystore.jks).
7. Create a keystore alias using the keystore (centrasitekeystore.jks).
When asked for an alias provide the host name of the machine where CentraSite is installed.
For more information on creating a keystore alias, see webMethods Integration Server Administrator’s Guide.
8. Save the new keystore alias ascentrasitekeystore.jks into the CentraSiteCommand directory:
<Software AG_directory>/CentraSite/utilities
When prompted for a password to save the keystore alias, the default password for keystores and truststores is change_this_password.
9. Open the CentraSiteCommand.cmd file in a text editor. You can find the CentraSiteCommand.cmd file in the following location:
<Software AG_directory>/CentraSite/utilities
10. Locate the parameter setting SET FINAL_CMD=%CS_JAVA_EXE%.
CentraSiteCommand
SET FINAL_CMD=%CS_JAVA_EXE% -Dinstallpath=%CENTRASITE_HOME% -DextensionCommand=%CENTRASITE_HOME%\utilities\ExtensionCommand.xml -Dlog4j.configuration=file:%CENTRASITE_HOME%\utilities\log4j.xml -Djava.util.logging.config.file=%CENTRASITE_HOME%\utilities\logging.properties -cp %LOCAL_CLASSPATH% com.softwareag.centrasite.administration.cli.CentrasiteCommand %*
ToolboxCommand
set EXECUTABLE=%CS_JAVA_EXE% -Dcentrasite.installation.root=%CENTRASITE_HOME% -Dlog4j.configurationFile=log4j2.properties -Djava.util.logging.config.file=unused -cp %LOCAL_CLASSPATH% %CLASS% %*
11. Add the SSL parameter setting:
CentraSiteCommand
SET FINAL_CMD=%CS_JAVA_EXE% -Dinstallpath=%CENTRASITE_HOME% -DextensionCommand=%CENTRASITE_HOME%\utilities\ExtensionCommand.xml -Dlog4j.configuration=file:%CENTRASITE_HOME%\utilities\log4j.xml -Djava.util.logging.config.file=%CENTRASITE_HOME%\utilities\logging.properties -Djavax.net.ssl.trustStore=centrasitekeystore.jks -Djavax.net.ssl.trustStorePassword=change_this_password -Djavax.net.ssl.trustStoreType=jks -cp %LOCAL_CLASSPATH% com.softwareag.centrasite.administration.cli.CentrasiteCommand %*
ToolboxCommand
set EXECUTABLE=%CS_JAVA_EXE% -Dcentrasite.installation.root=%CENTRASITE_HOME% -Dlog4j.configurationFile=log4j2.properties -Djava.util.logging.config.file=unused -Djavax.net.ssl.trustStore=centrasitekeystore.jks -Djavax.net.ssl.trustStorePassword=change_this_password -Djavax.net.ssl.trustStoreType=jks -cp %LOCAL_CLASSPATH% %CLASS% %*
12. Save and close the file. CentraSiteCommand should now be using SSL.