Enabling Secure Communication Channels Using Command-Line Scripts
You can use CLI scripts to enable secure communication channels for the HTTP connector, external database, database authentication realm, and LDAP authentication realm.
Before you begin
Edit the file TIBCO_HOMEadministrator/versionscripts/bootstrap-edit-build.properties. Specify appropriate values for the following properties:
instance.properties.file
- the location of theremote_props.properties
file.tibco.config.mgmt.home
- the folder containing runtime object configuration, referred to as CONFIG_HOME.admin.enterprise.name
- the enterprise name.admin.instance.name
- the name of the Administrator server instance.
Follow these procedures to enable SSL for the listed components.
HTTP Connector
- Procedure
- Edit the data file for the HTTP connector. The file is located
at
TIBCO_HOME/administrator/version/scripts/edit-httpconnector-data.xml
.
- Update the
serverBaseUrl
attribute to point to the correct host and port. Make sure thehttps
prefix is used. - Uncomment the
SSLConfig
element. - Specify valid keystore details.
- Update the
- From the command-line prompt, navigate to the TIBCO_HOME/administrator/version/scripts folder.
- Run the ant script ant -f bootstrap-edit-build.xml edit-httpconnector .
ResultSee the
sequence in which the resources are redeployed. Lastly the SystemNode is
restarted.
External Database
- Procedure
- If moving from a different database, use the database specific migration tools to export or import existing data to the new database.
- Edit the data file for the application database. The file is
located at
TIBCO_HOME/administrator/version/scripts/edit-external-database-data.xml.
- Uncomment the
SSLConfig
element and specify valid keystore details. - Set the
sslJNDIName
to the value of the SSLConfig > SSLClientResource > name field. - Add the attribute
sslJNDIName
to the elementJdbcResourceTemplate
which is a child ofAppDatabaseDetails
.
- Uncomment the
- From the command-line prompt, navigate to the TIBCO_HOME/administrator/version/scripts folder.
- Run ant script with command line ant -f bootstrap-edit-build.xml edit-external-database.
Result See the
sequence in which the resources are redeployed. Lastly the SystemNode is
restarted.
Database Authentication Realm
- Procedure
- If moving from a different database, use the database specific migration tools to export or import existing data to the new database.
- Edit the data file for the database realm database. The file is
located at
TIBCO_HOME/administrator/version/scripts/edit-authrealm-external-database-data.xml.
- Uncomment the
SSLConfig
element and specify valid keystore details. - Set the
sslJNDIName
to the value of the SSLConfig > SSLClientResource -> name field. - Add the attribute
sslJNDIName
to theJdbcResourceTemplate
element.
- Uncomment the
- From the command-line prompt, navigate to the TIBCO_HOME/administrator/version/scripts folder.
- Run ant script with command line ant -f bootstrap-edit-build.xml edit-inprocess-database.
ResultSee the
sequence in which the resources are redeployed. Lastly the SystemNode is
restarted.
LDAP Authentication Realm
- Procedure
- Edit the data file for the database realm database. The file is
located at
TIBCO_HOME/administrator/version/scripts/edit-authrealm-ldap-data.xml.
- Uncomment the
SSLConfig
element and specify valid keystore values. - Make sure the LDAP URL has the
ldaps://
prefix.
- Uncomment the
- From the command-line prompt, navigate to the TIBCO_HOME/administrator/version/scripts folder.
- Run ant script with command line
ant -f bootstrap-edit-build.xml
edit-authrealm-ldap.
See the sequence in which the resources are redeployed. Lastly the SystemNode is restarted.