Setting Security Configuration for CentraSite Application Server Tier Components

CentraSite 10.5 | CentraSite Administrator’s Guide | Configuring CentraSite | Configuring Secure Communication Between Components | Securing Communication Between the CRR and the CAST | Setting Security Configuration for CentraSite Application Server Tier Components

To configure the secure communication for CentraSite Application Server Tier (CAST) through the Command Line Interface, you must have the CentraSite Administrator privileges.

You can define the SSL security values for use in the CentraSite Application Server Tier using the set SSL AST command. To define the SSL security values for CentraSite Application Server Tier to connect to CRR, you must perform the following high-level steps:

Export the AST configuration file (AST-config.xml) to a editable format using the get SSL AST command.

Modify the SSL AST configuration parameters.

Execute the set SSL AST command to define the SSL security values for AST.

To set the security configuration for CentraSite application server tier components (CAST)

1. To export the AST configuration file (AST-config.xml) to an editable format. For more information, see Obtaining Security Configuration of CentraSite Application Server Tier .

To update the SSL settings for outbound AST traffic, modify the com.softwareag.centrasite.security.* properties.

Note:
When AST and RR components are authenticated with the 2-way SSL environment, the authentication does not work if the security configuration of one of the components AST or RR is modified. So if you intend to modify the default security configuration, ensure that you modify the configuration for both components AST and CRR. In addition, ensure that you execute the set SSL RR command before you execute the set SSL AST command.

2. To define the SSL security values for CAST, run the command set SSL AST.

The syntax is of the format: C:\SoftwareAG\CentraSite\utilities>CentraSiteCommand.cmd set SSL AST -url <CENTRASITE-RR-URL> -user <USER-ID> -password <PASSWORD> -file <CONFIG-FILE>

The input parameters are:

Parameter	Description
-url	The URL of the CentraSite registry. For example, https://localhost:53313/CentraSite/CentraSite. Note: Even when you are setting the CAST properties, you need to reference the RR port in the URL.
-user	The user ID of a registered CentraSite user who has the CentraSite Administrator role. For example, Administrator.
-password	The password for the registered CentraSite user identified by the parameter -user.
-file	The absolute or relative path to the XML configuration file, AST-config.xml, containing the security properties. If relative, the path should be relative to the location from where the command is executed.

Note:
If you change the default configuration, this command modifies the SSL configuration for RR. A time stamped archive of the previous configuration will be available in the configuration file cast-config.YYYY-MM-DD_HH-MM-SS.xml in the folder <CentraSiteInstall_Directory>/cfg/archive.

Example:

C:\SoftwareAG\CentraSite\utilities>CentraSiteCommand.cmd set SSL AST -url https://localhost:53313/CentraSite/CentraSite -user Administrator -password manage -file AST-config.xml

The response to this command is as follows:

Executing the command : set SSL AST

Successfully executed the command : set SSL AST