Configuring Optimize Web Services for SSL
In order to secure Optimize for SSL, you must configure all of the following components: Analytic Engine and Web Services Data Collector. For each component, you must set up the appropriate SSL KeyStore and TrustStore in the GlueSSLProperties.xml file, and you must change the Configuration Agent protocol to https in the EndpointRegistry.xml file. The following procedure assumes that you have obtained the appropriate KeyStore and TrustStore files. For more information on installing KeyStore and TrustStore certificates, see Administering My webMethods Server.
Also, this procedure assumes that you have configured the Key and Trust stores for the Central Configuration back end web-application. Refer to the “Security” chapter of Configuring BAM for more information. Completing this procedure enables secure communication between the Central Configuration portlets and the back end web-application.
Configuration of the Analytic Engine and WS Data Collector are identical. Configuring the Infrastructure Data Collector is a different process and is explained in the “Configuring Infrastructure Data Collector” chapter of Administering webMethods Optimize.
Note that the Configuration Agent port for the Web Service Data Collector is 15001.
To configure an Optimize engine for SSL:
1. Copy the appropriate Key and Trust store files to the conf\security\ssl folder.
2. Open the Software AG_directory \optimize\analysis\conf\glue\GlueSSLProperties.xml file and edit the entry for the Key and Trust store file to point to the files you copied in the preceding step.
3. Save the changes to the GlueSSLProperties.xml file and close it.
There are several ways to verify SSL configuration. If you are running the Analytic Engine as a console application on a Windows server, you can check the console window. You should see the following messages in this window.
[STARTUP] Glue 8.0 Fix 2 build 3
[STARTUP] soap/http server started on https://<server name and
domain>:15000/services
[STARTUP] soap/http server started on https://<server name and
domain>:12503/services