Hello everyone,
I need to figure out a solid way to change a basic distributed FileNet installation (CPE-Navigator-DB on WAS) to SSL from a non SLL environment and perhaps vice-versa. (Apart from adding the certificates in WAS)
There are certain points in the installation/configuration that involve ports and SSL enabling flags (as check boxes).
I believe that, unless we know, where all this information is stored or which parameters are affected in the Application Server with each check box selection, there is no way we can perform such task.
First, in the CPE installer:
URL used in WcmApiConfig.properties file: http://localhost:port/wsi/FNCEWS40MTOM/
Can I change the port from 9080 to 9443 in the file sometime after the deployment is done?
As the file is located in <CPE Home>\tools\PE\config, I suppose we need to re-build and re-deploy the CPE .ear file after the change, correct?
Then, in the CMUI:
1. Application server properties dialog. This seems to be the most important setting. There is a check box, 'Use SSL certificates for server communication'
- Tooltip help says 'changes WebSphere settings for communcating with other (WebSphere) servers like AE (and Navigator?)'
- Does this check box sets some parameter(s) in WebSphere? Which parameter(s) is that? Checking-Unchecking this combo box, changes 'SSL server communication' on pressing button "Finish" and sets/resets the WAS parameters?
2. Task 'Configure LDAP'. Another check box 'SSL enabled'. When checked, what changes on running the task? Which WAS parameters are affected? I would expect that Ldap server and port should be enough.
3. Database connections. There is no check box here, but db server and port is probably enough. For DB2, I know a custom property sslConnection must be created and set to 'true'. No sure about other databases.
Anyone can shed some light here?
BR
------------------------------
Christos Chorattides
Datatech
------------------------------