As a Web site owner or administrator of
Enterprise Server, to ensure secure communcation using SSL, you create and configure an HTTPS listener, as follows:
- Connect to ES Admin, for example by entering
http://localhost:86 in your Web browser. Make sure the enterprise server you're going to use, for example ESDEMO, is stopped.
- Go to the Listeners page and find your HTTPS listener. The status column should indicate "Start pending" and the Status Log
column shouold show "Waiting for keyfile passphrase".
- Go to the listeners page, (click
Edit
>
Listeners). Make sure the
Process filter is set to
All so you can see all the listeners.
- Click
Add.
- Enter a name for the listerner.
- Change the Endpoint Address to
*.443, which is the default for HTTPS.
- Check
Secure Sockets Layer.
- Enter the filenames of your server certificate and private key in the Certificate and Keyfile fields. If these are not in
the default directories, you also need to supply the paths to these files. For example:
-
ssldir\certs\srvcert.pem
(Windows) or
ssldir/certs/srvcert.pem
(UNIX)
-
ssldir\keys\srvkey.pem
(Windows) or
ssldir/keys/srvkey.pem
(UNIX)
Where
ssldir is the directory where Security Pack is installed, and is by default
%ProgramFiles(x86)%\Micro Focus\DemoCA (Windows) or
/opt/microfocus/DemoCA/openssl or
$COBSSL (if set) (UNIX).
To find out the
Windows
directory, look up the registry key
HKEY_LOCAL_MACHINE\Software\Micro Focus\DemoCA\1.0\Setup\DemoCAFolder.
Note: Once you have specified a certificate and keyfile you can configure the listener to use TLS protocol and cipher suites. See
Configuring a Listener to use TLS Protocols and Cipher Suites for more information.
Note: Enterprise Developer supports DER, CER, PKCS #7, PKCS #8, PKCS #12 and PEM certificate file formats and PKCS #8, PKCS #12 and PEM for key file
formats.
- Specify that this will be an "HTTP echo" listener, which provides a simple response to HTTP requests. To do this, select
Custom under Supported Conversation Type and enter
http-echo in the field alongside.
- Click
Add. On the listeners page, the new listener now has a padlock symbol to show that it uses SSL.