Skip to main content
insightsoftware Documentation insightsoftware Documentation
{%article.title%}
Published:
Was this article helpful?
0 out of 0 found this helpful

Managing Security of Noetix Search

Configuring SSL, HTTPS in Tomcat

By default, the Noetix Search application can be accessed over Hypertext Transfer Protocol (HTTP). You can implement the transport layer security (TLS) for the application by configuring Apache Tomcat to use Secure Sockets Layer (SSL) and Hypertext Transfer Protocol Secure (HTTPS) connections.

To configure Tomcat to use SSL, HTTP connections

To configure SSL for Tomcat, perform the following:

Open server.xml at <installation location>\Noetix\Noetix Search\Tomcat\conf\, and uncomment the following code snippet:

<!--

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"

maxThreads="150" scheme="https" secure="true"

clientAuth="false" sslProtocol="TLS" />

-->

Update the code in step a to modify the protocol declaration and add the keystoreFile and keystorePass values as follows:

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false"

disableUploadTimeout="true" enableLookups="false" maxThreads="25"

port="8443" keystoreFile="<specify your key file>" keystorePass="<specify password>"

protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"

secure="true" sslProtocol="TLS" />

You create the keystore file and keystore password when you generate an SSL certificate for your web browsers.

 

To configure HTTPS for Tomcat, perform the following:

Open web.xml at <installation location>\Noetix\Noetix Search\Tomcat\conf\, and uncomment the following code snippet under <web-app>:

<!--

<security-constraint>

<web-resource-collection>

<web-resource-name>noetixsearch</web-resource-name>

<url-pattern>*.jsp</url-pattern>

<url-pattern>*.png</url-pattern>

<url-pattern>*.xsl</url-pattern>

<url-pattern>*.xml</url-pattern>

<url-pattern>*.css</url-pattern>

<url-pattern>/admin/jquery-1.4.3.min.js</url-pattern>

<url-pattern>/admin/logging</url-pattern>

</web-resource-collection>

<user-data-constraint>

<transport-guarantee>NONE</transport-guarantee>

</user-data-constraint>

</security-constraint>

-->

Modify the value of <transport-guarantee> from NONE to CONFIDENTIAL in the code in step a as follows:

<transport-guarantee>CONFIDENTIAL</transport-guarantee>

You must perform this step to prevent users from accessing the application through both HTTP and HTTPS connections.

Published:

Managing Security of Noetix Search

Configuring SSL, HTTPS in Tomcat

By default, the Noetix Search application can be accessed over Hypertext Transfer Protocol (HTTP). You can implement the transport layer security (TLS) for the application by configuring Apache Tomcat to use Secure Sockets Layer (SSL) and Hypertext Transfer Protocol Secure (HTTPS) connections.

To configure Tomcat to use SSL, HTTP connections

To configure SSL for Tomcat, perform the following:

Open server.xml at <installation location>\Noetix\Noetix Search\Tomcat\conf\, and uncomment the following code snippet:

<!--

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"

maxThreads="150" scheme="https" secure="true"

clientAuth="false" sslProtocol="TLS" />

-->

Update the code in step a to modify the protocol declaration and add the keystoreFile and keystorePass values as follows:

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false"

disableUploadTimeout="true" enableLookups="false" maxThreads="25"

port="8443" keystoreFile="<specify your key file>" keystorePass="<specify password>"

protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"

secure="true" sslProtocol="TLS" />

You create the keystore file and keystore password when you generate an SSL certificate for your web browsers.

 

To configure HTTPS for Tomcat, perform the following:

Open web.xml at <installation location>\Noetix\Noetix Search\Tomcat\conf\, and uncomment the following code snippet under <web-app>:

<!--

<security-constraint>

<web-resource-collection>

<web-resource-name>noetixsearch</web-resource-name>

<url-pattern>*.jsp</url-pattern>

<url-pattern>*.png</url-pattern>

<url-pattern>*.xsl</url-pattern>

<url-pattern>*.xml</url-pattern>

<url-pattern>*.css</url-pattern>

<url-pattern>/admin/jquery-1.4.3.min.js</url-pattern>

<url-pattern>/admin/logging</url-pattern>

</web-resource-collection>

<user-data-constraint>

<transport-guarantee>NONE</transport-guarantee>

</user-data-constraint>

</security-constraint>

-->

Modify the value of <transport-guarantee> from NONE to CONFIDENTIAL in the code in step a as follows:

<transport-guarantee>CONFIDENTIAL</transport-guarantee>

You must perform this step to prevent users from accessing the application through both HTTP and HTTPS connections.

For an optimal Community experience, Please view on Desktop