RE: How to Enable HTTPS on Diyotta Controller WEB UI

How to Enable HTTPS on Diyotta Controller WEB UI

Kanth78 Beginner Asked on July 12, 2019 in Installation.
Add Comment
1 Answers

SSL Certificate is major requirement for enabling HTTPS / SSL on DISuite URL. If SSL Certificate is not authorized by CA then the link will show “Invalid SSL Certificate” error.

It is necessary to have SSL cert in Java keystore (JKS) format. Also a 4 digit port need to open on firewall where DISuite is running. To enable HTTPS, follow the below steps

  • Stop the Controller and its Agents.
  • Edit $DI_HOME/server/tomcat/conf/server.xml file in vim editor

Method 1: Enable tomcat to listen on both HTTP and HTTPS ports.

By Default tomcat is listening on HTTP server startup port(9000). Only Need to add another connector for HTTPS.

Add below Tag just after where ${port.startup} tag is defined

 

<Connector port=”8443″ maxThreads=”200″ scheme=”https” secure=”true” SLEnabled=”true” keystoreFile=”<Path to JKS File>” keystorePass=”keystore file password” clientAuth=”false” sslProtocol=”TLS”/>

 

 < – – – – – Save the file and exit from editor – – – – – – – – >

Here user can define any 4-digit port in “<Connector Port=” field. That port should be open

on firewall.

 Method 2: Modify Existing ${port_startup} Tag.

In this method, we will disable existing tag of port_startup. Look for the below line in server.xml and comment it using <!–  and –> before and after this tag

<!–

<Connector port=”${port.startup}” protocol=”HTTP/1.1″            connectionTimeout=”20000″

maxThreads=”200″

               minSpareThreads=”25″

                   enableLookups=”false”

                   acceptCount=”100″

                   disableUploadTimeout=”true” compression=”on” compressionMinSize=”1024″

     noCompressionUserAgents=”gozilla, traviata” compressableMimeType=”application/json”/>

                             –>

 

Now add below line just after commented tag,

 

<Connector port=”${port.startup}” maxThreads=”200″ scheme=”https” secure=”true” SSLEnabled=”true” keystoreFile=”<Path to JKS File>” keystorePass=”keystore file password” clientAuth=”false” sslProtocol=”TLS”/>

 

  This method will enable only HTTPS on Controller’s Startup Port. HTTP will be disabled.

 

  • Start Controller & its agent.
  • Try to access DISuite on https://<ip>:PORT.
Expert Answered on July 12, 2019.
Add Comment

Your Answer

By posting your answer, you agree to the privacy policy and terms of service.