Page History
...
Configuration of its communication with Teamwork Cloud is located in in <installation_directory>/WebAppPlatform/shared/conf/webappplatform.properties.
...
The default port for the admin console is is 8443. In this example, we will make the changes necessary to run over http on the default port of of 8443.
The webapp server configuration is located in <installation_directory>/WebAppPlatform/conf/server.xml.
...
The changes which we implemented consist of changing the port from from 8080 to to 8443, and removing a redirect which would route to the handler on port port 8443.
Since we have configured this connector to listen on port port 8443, we now need to remove the existing connector handler on port port 8443.
The following section
...
If a signed certificate is being used to replace the self-signed certificate, we need to update configurations in three files: <installation_directory>/configuration/application.conf, <installation_directory>/AuthServer/config/authserver.properties and and <installation_directory>/WebAppPlatform/conf/server.xml.
To list the aliases of the using the command command <path_to_java_bin_directory>/keytool -v -list -keystore <keystorefile>. For this example, the location of my keytool executable is /opt/local/java/jdk1.8.0_192/bin/keytool, and the the keystore file is the default default keystore.p12. The command is being executed from the same directory where where keystore.p12 is is located. When the command is executed, you will be prompted for the keystore password. For our self-signed certificate (keystore.p12), it is is nomagic.
Code Block |
---|
# /opt/local/java/jdk1.8.0_192/bin<path_to_keytool>/keytool -v -list -keystore keystore.p12 Enter keystore password: Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 1 entry Alias name: teamworkcloud Creation date: Oct 30, 2018 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=10.254.254.56 |
You will execute this command on whichever certificate you will be using. In this case, the alias is is teamworkcloud and and the certificate was generated for an an Owner with with a common name (CN) of 10.254.254.56, which happens to be a self-signed certificate for a machine with IP 10.254.254.56. Your keystore may contain multiple certificates with different aliases. You will identify the relevant one based on the Owner information. Once we have this information, we can proceed with the configuration.
For this example, we will assume that our new certificate is named server.p12, the keystore password is "mypassword" and the alias is "myserver", and that we will export the certificate into a file named myserver.crt.
First, copy it to the the <install_directory>/configuration/ directory directory.
Now Next, we will proceed to edit application.conf.need to export the certificate so that we can import it into the truststore (<teamwork_cloud_install_directory>/AuthServer/config/truststore.jks)
Code Block |
---|
<path_to_keytool>/keytool -export -keystore <teamwork_cloud_install_directory>/configuration/server.p12 -storepass mypassword -alias myserver -file <teamwork_cloud_install_directory>/AuthServer/config/truststore/myserver.crt
|
Now we will proceed to edit application.conf.
Code Block |
---|
ssl { keystorePath = "configuration/server.p12" keystoreType = "pkcs12" keystorePassword = "mypassword" keyPassword = "mypassword" } |
Code Block |
---|
https { { # the file name of the certificate or the key store (should be a full path) file = "configuration/server.p12" AuthServer/config/truststore/myserver.crt" # certificate_mode: "true" if the file is a certificate; "false" if the file is a key store. is_certificate_file = falsetrue # key store password password = "mypassword" } |
Next, we proceed to edit edit authserver.properties.
Code Block |
---|
server.ssl.key-store=../configuration/server.p12 server.ssl.key-store-type=PKCS12 server.ssl.key-store-password=mypassword server.ssl.key-password=mypassword server.ssl.key-alias=myserver |
Next, we need to delete the truststore (<teamwork_cloud_install_directory>/AuthServer/config/truststore.jks), so that it will be recreated upon restarting authserver.
Finally, we will edit edit server.xml.
Code Block |
---|
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation" maxThreads="150" SSLEnabled="true"> <SSLHostConfig> <Certificate certificateKeystoreFile="../configuration/server.p12" certificateKeystorePassword="mypassword" certificateKeyAlias="myserver" type="RSA" /> </SSLHostConfig> </Connector> |
...