To configure an HTTPS listener

As a Web site owner or administrator of Enterprise Server, you ensure secure communcation for HTTP (web) traffic using SSL (also called TLS) by creating and configuring an HTTPS listener, as follows:

  1. Connect to ES Admin, for example by entering http://localhost:86 in your Web browser. Make sure the enterprise server you're going to use, for example ESDEMO, is stopped.
  2. Go to the listeners page (click Edit > Listeners). Make sure the Process filter is set to All so you can see all the listeners.
  3. Click Add.
  4. Enter a name for the listener.
  5. Change the Endpoint Address to *.443, which is the default for HTTPS. (This is just an example. Your enterprise server may have multiple HTTPS listeners on different ports.)
  6. Check Secure Sockets Layer.
  7. Enter the filenames of your server certificate and private key in the Certificate and Keyfile fields. If these are not in the default directories, you also need to supply the paths to these files. For example:
    • ssldir\certs\srvcert.pem (Windows) or ssldir/certs/srvcert.pem (UNIX)
    • ssldir\keys\srvkey.pem (Windows) or ssldir/keys/srvkey.pem (UNIX)

    Where ssldir is the directory where Security Pack is installed, and is by default %ProgramFiles(x86)%\Micro Focus\DemoCA (Windows) or /opt/microfocus/DemoCA or $COBSSL (if set) (UNIX). To find out the Windows directory, look up the registry key HKEY_LOCAL_MACHINE\Software\Micro Focus\DemoCA\1.0\Setup\DemoCAFolder.

    Note: Once you have specified a certificate and keyfile you can configure the listener to use TLS protocol and cipher suites. See Configuring a Listener to use TLS Protocols and Cipher Suites for more information.
    Note: Enterprise Developer supports DER, CER, PKCS #7, PKCS #8, PKCS #12 and PEM certificate file formats and PKCS #8, PKCS #12 and PEM for key file formats.
  8. Specify the Supported Conversation Type for this listener, such as the Web Services and J2EE type for secure ESMAC and Web Services conversations. If you do not have a conversation type in mind, then for testing purposes you can create this listener as an "HTTP echo" listener, which provides a simple response to HTTP requests. To do this, select Custom under Supported Conversation Type and enter http-echo in the field alongside. (This is just an example. You may use other conversation types with SSL.)
    Note: Do not use the http-echo conversation type in production. It is intended only for connection testing.
  9. Click Add. On the listeners page, the new listener now has a padlock symbol to show that it uses SSL.

You can use a similar procedure to configure an existing listener to use SSL. SSL is supported for all conversation types, not just HTTPS, provided the client also supports SSL.

Parent topic: Configuring SSL Security