Modify the server to receive incoming SSL requests
To enable PolicyCenter to respond to a request that arrives over SSL on a particular inbound connection, your proxy handles encryption. The connection between PolicyCenter and the proxy server remains unencrypted. Configure the proxy so that it knows the URL and port (location) of the server that originates the request.
Procedure
- Edit your proxy server configuration so it is aware of the following items.
  - The externally-visible domain name of the reverse proxy server
  - The port number of the reverse proxy server
  - The protocol the client used to access the proxy server, in this case HTTPS
- To ensure your PolicyCenter server is aware of the proxy, edit the web application container server configuration CATALINA_HOME/conf/server.xml on your PolicyCenter server. Add another connector as shown in the following XML snippet.
    <!-- Define a non-SSL HTTP/1.1 Connector on port <port number> to receive decrypted communication from Apache reverse proxy on port 11410 -->
    <Connector acceptCount="100" connectionTimeout="20000"
               disableUploadTimeout="true" enableLookups="false"
               maxHttpHeaderSize="8192" maxSpareThreads="75"
               maxThreads="150" minSpareThreads="25"
               port="portnumber" redirectPort="8443"
               scheme="https" proxyName="hostname" proxyPort="portnumber">
    </Connector>
- You must substitute the following parameters contained in the snippet.
  - port: The port number for the additional connector for access through the proxy
  - proxyName: The deployment server’s name
  - proxyPort: The port for encrypted access through Apache
  - scheme: The protocol used by the client to access the server
- After configuring the server.xml file, restart your application server.
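A check you can run against server.xml before the restart, given here as an added example rather than vendor code: it finds the proxy-facing connectors and reports parameters that are missing, invalid, or still hold the snippet's placeholders. The `address` check is an added hardening step based on Tomcat's default of listening on all local addresses, and the sample hostname, ports and address are constructed values.

```python
import xml.etree.ElementTree as ET

# Literal placeholders used in the page's snippet; they must be substituted.
PLACEHOLDERS = {"portnumber", "hostname"}

# Constructed sample server.xml: hostname, ports and address are made-up values.
SAMPLE = """<Server><Service name="Catalina">
  <Connector port="8080" redirectPort="8443"/>
  <Connector port="portnumber" scheme="https" proxyName="hostname"
             proxyPort="portnumber" redirectPort="8443"/>
  <Connector port="8081" address="127.0.0.1" scheme="https"
             proxyName="pc.example.com" proxyPort="443" redirectPort="8443"/>
</Service></Server>"""


def audit_proxy_connectors(server_xml):
    """Return a list of findings per proxy-facing Connector, in document order."""
    results = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        attrs = conn.attrib
        if "proxyName" not in attrs and "proxyPort" not in attrs:
            continue  # ordinary connector, not the one the proxy forwards to
        findings = []
        for key in ("port", "proxyName", "proxyPort", "scheme"):
            value = attrs.get(key, "")
            if not value:
                findings.append(f"{key}: missing")
            elif value in PLACEHOLDERS:
                findings.append(f"{key}: placeholder '{value}' not substituted")
            elif key in ("port", "proxyPort") and not (
                    value.isdecimal() and 0 < int(value) < 65536):
                findings.append(f"{key}: '{value}' is not a valid TCP port")
        if attrs.get("scheme", "https") != "https":
            findings.append("scheme: expected https, the protocol clients use")
        if "address" not in attrs:
            # Tomcat listens on all local addresses when address is absent,
            # which exposes this unencrypted connector beyond the proxy.
            findings.append("address: not set, connector listens on all interfaces")
        results.append(findings)
    return results


if __name__ == "__main__":
    for i, findings in enumerate(audit_proxy_connectors(SAMPLE), 1):
        print(f"proxy connector {i}:", findings or "ok")
```

If the proxy runs on a different host, set `address` to the interface the proxy reaches, or restrict the port at the firewall, instead of using the loopback address.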
