Configuring SSL security

The steps for configuring secure connections with the server are similar to the steps for any Java™ Platform, Enterprise Edition server.

Before you begin

To set up SSL security, you need a certificate for the server.

About this task

Because the IBM® UrbanCode Deploy server runs on Apache Tomcat, you can refer to the instructions for configuring security on Tomcat: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Certificates

Procedure

Setting up SSL security for the server involves the following general steps:

  1. Transfer the files for the certificate to the computer that hosts the IBM UrbanCode Deploy server.
  2. Add the certificate to the server keystore. The server has a default keystore in the file server_install/opt/tomcat/conf/tomcat.keystore. The default password for this keystore is changeit.
  3. Restart the server.
  4. Similarly, add the same certificate to the keystore of each agent and agent relay. For example, the default location of an agent keystore is agent_install/conf/ibm-ucd.keystore.
  5. Optional: To configure secure communication between the IBM UrbanCode Deploy server and an LDAP server, add the LDAP server certificate to the JRE_install/jre/lib/security/cacerts file. This file is on the IBM UrbanCode Deploy server. Use the installation folder of the JRE for JRE_install.

Feedback