Calyx RIM 6.2 CHF 2 Installation Guide

Enable SSL for Calyx RIM

Due to the complexity of configuring Calyx RIM for use in an SSL (Secure Sockets Layer) environment, all SSL configurations must be done by the Client Enablement team. Outside RSA certificates may be involved, several browser-specific configuration modifications are necessary, and there are multiple ways to set up SSL, some of which Calyx RIM may not be able to support.

Warning: SSL configurations are supported only when they are installed by Client Enablement, and only defects that can be duplicated on a normal Calyx RIM installation will be addressed.
  1. To enable SSL, some modifications need to be made to the %INSIGHT_HOME%/server/all/deploy/jbossweb.sar/server.xml file.
  2. Open the server.xml file.
    1. Comment out the following block of code to disable http connections on port 8080 by using the comment tags (<!-- and -->): 
      
<Connector protocol="HTTP/1.1"
address="${jboss.bind.address}"
                    
port="${jboss.web.http.port}"
redirectPort="${jboss.web.https.port}"
                     
maxPostSize="150000000"
maxThreads="250" acceptCount="100"
enableLookups="false"
                     
connectionTimeout="20000"
disableUploadTimeout="true"
URIEncoding="UTF-8"
                     
compression="on"
compressableMimeType="text/html,text
/xml,text/javascript,text/css"
                     
/>
    2. Uncomment the following block of XML to enable https connections on port 8443 by removing the comment tags (<!-- and -->): 
      
<Connector protocol="HTTP/1.1"
address="${jboss.bind.address}"
port="${jboss.web.https.port}"
                     
SSLEnabled="true" scheme="https"
secure="true"
                     
maxPostSize="150000000"
maxThreads="250" acceptCount="100"
enableLookups="false"
                     
connectionTimeout="20000"
disableUploadTimeout="true"
URIEncoding="UTF-8"
                     
compression="on"
compressableMimeType="text/html,text
/xml,text/javascript,text/css"
                     
SSLVerifyClient="none" SSLProtocol="TLSv1"
                     
SSLCertificateFile="${jboss.server.base.dir}/all
/conf/insight/insightcert.pem"
                     
/>
  3. Update the insight.var file:
    • useSsl=true
    • port=8443
  4. Restart the Calyx RIM service.