Configuring SSL for TIBCO Order Management - Low Latency

This section describes how to configure SSL for Order Management Server; the web-based application components of TIBCO Order Management - Low Latency.

Configure SSL by using the following steps:

  1. Edit the application.properties files in the following locations:
    • <OM_HOME>/roles/aopd/standalone/config/application.properties
    • <OM_HOME>/roles/authorization-service/standalone/config/application.properties
    • <OM_HOME>/roles/catalog-services/standalone/config/application.properties
    • <OM_HOME>/roles/configuration-service/standalone/config/application.properties
    • <OM_HOME>/roles/configurator/standalone/config/application.properties
    • <OM_HOME>/roles/dataservice/standalone/config/application.properties
    • <OM_HOME>/roles/orchestrator/standalone/config/application.properties
    • <OM_HOME>/roles/tmf-om-adapter/standalone/config/application.properties
    • <OM_HOME>/samples/processcomponent/standalone/config/application.properties

    Add the following parameters to each application.properties file:

    • server.ssl.key-alias=<key-alias>
    • server.ssl.key-password=<key-password>
    • server.ssl.key-store=classpath:<ssl-key-store-fileName>
    • trust-store=classpath:<ssl-key-store-fileName>
    • trust-store-password=<key-password>

    Change configuration.service.protocol value to https

  2. Keep the keystore files in each directories or in as classpath resource.
    • <OM_HOME>/roles/aopd/standalone/config
    • <OM_HOME>/roles/authorization-service/standalone/config
    • <OM_HOME>/roles/catalog-services/standalone/config
    • <OM_HOME>/roles/configuration-service/standalone/config
    • <OM_HOME>/roles/configurator/standalone/config
    • <OM_HOME>/roles/dataservice/standalone/config
    • <OM_HOME>/roles/orchestrator/standalone/config
    • <OM_HOME>/roles/tmf-om-adapter/standalone/config
    • <OM_HOME>/samples/processcomponent/standalone/config
  3. Edit and save the files and then start the Configurator.
  4. Open the https://host:configuration_port URL in a browser window.
  5. Log in to Configurator.
  6. In Orchestrator > Orchestrator Engine Configuration
    • Change "AOPD Server Protocol" property to "https"
    • Change "Process-Component Protocol" property to "https"
  7. In Orchestrator > Authentication Server Configuration Properties Used for Swagger UI, Catalog service > Authentication Server Configuration Properties Used for Swagger UI, and Data service > Authentication Server Configuration Properties Used for Swagger UI
    • Change "Authorization Server Protocol" property to "https"
  8. In TMFAdapter Service > TMF OM Adapter Engine Configuration
    • Change "Authorization Service HTTP Transport Channel Type" to "https"
    • Change "Orchestrator Service HTTP Transport Channel Type" to "https"
  9. Edit <OM_HOME>/samples/processcomponent/standalone/config/application.properties
    • Set "auth.service.protocol" to "https"
    • Set "orchestrator.service.protocol" to "https"
  10. Start (or restart) all the required services.