In a production environment, the HTTP port does not provide protection when sending sensitive information, for example administrator passwords, over the network. Software AG recommends disabling the HTTP port in a production environment and using an HTTPs port to ensure secure communication with the Command Central and Platform Manager servers.

Command Central provides a default keystore and truststore that are available after installing Command Central. The keystore and truststore are files that function as repositories for storage of keys and certificates necessary for Secure Socket Layer (SSL) authentication, encryption/decryption, and digital signing/verification services. The default keystore and truststore contain signed certification authority (CA) certificates that the Command Central server uses to validate client certificates.

You can replace the Command Central default keystore and truststore files with custom files. For information about creating keystores and truststores, importing keys and certificates into keystores and truststores, and other operations with these files, refer to the documentation for your certificate management tool.

Before configuring an HTTPS port, you must configure the Command Central server to use SSL, using the Command Line tool.