Versions Compared

Old Version 1

changes.mady.by.user user-66fe9

Saved on

compared with

New Version 2

changes.mady.by.user Agne P.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Configuration of its communication with Teamwork Cloud is located in in <installation_directory>/WebAppPlatform/shared/conf/webappplatform.properties.

...

The default port for the admin console is is 8443.  In this example, we will make the changes necessary to run over http on the default port of of 8443.

The webapp server configuration is located in <installation_directory>/WebAppPlatform/conf/server.xml.

...

The changes which we implemented consist of changing the port from from 8080 to  to 8443, and removing a redirect which would route to the handler on port port 8443.

Since we have configured this connector to listen on port port 8443, we now need to remove the existing connector handler on port port 8443.

The following section

...

If a signed certificate is being used to replace the self-signed certificate, we need to update configurations in three files:  <installation_directory>/configuration/application.conf<installation_directory>/AuthServer/config/authserver.properties and  and <installation_directory>/WebAppPlatform/conf/server.xml.

To list the aliases of the using the command command <path_to_java_bin_directory>/keytool -v -list -keystore <keystorefile>.   For this example, the location of my keytool executable is /opt/local/java/jdk1.8.0_192/bin/keytool, and the  the keystore file is the default default keystore.p12. The command is being executed from the same directory where where keystore.p12 is  is located.  When the command is executed, you will be prompted for the keystore password.  For our self-signed certificate (keystore.p12), it is is nomagic.

Code Block
# /opt/local/java/jdk1.8.0_192/bin<path_to_keytool>/keytool -v -list -keystore keystore.p12 
Enter keystore password:  
Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: teamworkcloud
Creation date: Oct 30, 2018
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=10.254.254.56

You will execute this command on whichever certificate you will be using. In this case, the alias is is teamworkcloud and  and the certificate was generated for an an Owner with  with a common name (CN) of 10.254.254.56, which happens to be a self-signed certificate for a machine with IP 10.254.254.56.  Your keystore may contain multiple certificates with different aliases. You will identify the relevant one based on the Owner information. Once we have this information, we can proceed with the configuration.

For this example, we will assume that our new certificate is named server.p12, the keystore password is "mypassword" and the alias is "myserver", and that we will export the certificate into a file named myserver.crt.

First, copy it to the the <install_directory>/configuration/ directory directory.

Now Next, we will proceed to edit application.conf.need to export the certificate so that we can import it into the truststore (<teamwork_cloud_install_directory>/AuthServer/config/truststore.jks)

Code Block
<path_to_keytool>/keytool -export -keystore <teamwork_cloud_install_directory>/configuration/server.p12 -storepass mypassword -alias myserver -file <teamwork_cloud_install_directory>/AuthServer/config/truststore/myserver.crt

Now we will proceed to edit application.conf.


Code Block
                ssl {
                        keystorePath = "configuration/server.p12"
                        keystoreType = "pkcs12"
                        keystorePassword = "mypassword"
                        keyPassword = "mypassword"
                }


Code Block
 https {                  {

                        # the file name of the certificate or the key store (should be a full path)
                        file = "configuration/server.p12"   AuthServer/config/truststore/myserver.crt"

                        # certificate_mode: "true" if the file is a certificate; "false" if the file is a key store.
                        is_certificate_file = falsetrue

                        # key store password
                        password = "mypassword"
                }


Next, we proceed to edit edit authserver.properties.

Code Block
server.ssl.key-store=../configuration/server.p12
server.ssl.key-store-type=PKCS12
server.ssl.key-store-password=mypassword   
server.ssl.key-password=mypassword
server.ssl.key-alias=myserver

Next, we need to delete the truststore (<teamwork_cloud_install_directory>/AuthServer/config/truststore.jks), so that it will be recreated upon restarting authserver.

Finally, we will edit edit server.xml.

Code Block
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/server.p12"
                     certificateKeystorePassword="mypassword"
                     certificateKeyAlias="myserver"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>

...