It's all about the answers!

Ask a question

RTC 3.0: disabling SSL


Stefano Antoniazzi (170711) | asked Jan 10 '11, 2:59 p.m.
edited May 11 '16, 10:11 a.m.
Is it still correct what's written in:

https://jazz.net/wiki/bin/view/Main/TestingWithReverseProxyWithoutSSL ?

That is I just need to:

- In the web.xml file, change all occurrences of CONFIDENTIAL to NONE (only for the jts application?)

-If you use Apache Tomcat, navigate to the Jazz-Team-Server-installation-directory/ server/tomcat/conf directory.

* Open the server.xml file in an editor. Remove the redirectPort attribute from the 9080 Connector element. Save the file.


Then I need to run again the setup wizard?

Comments
Stefano Antoniazzi commented May 11 '16, 10:09 a.m.

 See the last answer in this post to get the correct answer.

10 answers



permanent link
John Vasta (2.6k15) | answered Jan 10 '11, 3:36 p.m.
FORUM MODERATOR / JAZZ DEVELOPER
That looks to be essentially the same as what the documentation says, in

http://publib.boulder.ibm.com/infocenter/clmhelp/v3r0/topic/com.ibm.jazz.install.doc/topics/t_disable_server_certificates.html

I don't think you need to run the setup wizard again. Unless you want to change the public URI settings? That can cause problems - there could be artifacts persisted that refer to the initial public URI settings. Switching to a non-SSL configuration is something you should really do as part of your initial configuration.

Is it still correct what's written in:

https://jazz.net/wiki/bin/view/Main/TestingWithReverseProxyWithoutSSL ?

That is I just need to:

- In the web.xml file, change all occurrences of CONFIDENTIAL to NONE (only for the jts application?)

-If you use Apache Tomcat, navigate to the Jazz-Team-Server-installation-directory/ server/tomcat/conf directory.

* Open the server.xml file in an editor. Remove the redirectPort attribute from the 9080 Connector element. Save the file.


Then I need to run again the setup wizard?

permanent link
Stefano Antoniazzi (170711) | answered Jan 11 '11, 2:26 a.m.
The problem is really the public URI. I tried to change the jts and the ccm public URI via the admin function but I got a broken ccm... (a lot of components in error state, jts not giving me ccm as a registered application) so I asked here.

So yesterday I just reverted the web.xml, server.xml and team.properties for going back to the SSL configuration and everything worked again.

Today I tried again....
- changed web.xml
- changed server.xml
- run jts/setup
...
and everything works without SSL.

Maybe changing the public URI using the ccm admin function is not a good idea....

Hope it helps for somebody else.

permanent link
Stefano Antoniazzi (170711) | answered Jan 11 '11, 2:36 a.m.
Not everything is as I expected...

I still see in the friend list for ccm
https://(mydomain):9443/jts/rootservices
and not http on 9080

and I still see from jts point of view (registered applications) that ccm URI

https://(mydomain):9443/ccm/scr

So I changed all https connection to http from jts admin and ccm admin and I
1) DELETED ccm from friend's list (saving all the parameters)
2) ADD again ccm as a new friend (and passed the new registration on http)

permanent link
Henna Sidhu (1161312) | answered Apr 14 '11, 8:41 a.m.
Could you describe what all chamges you made to disable ssl.I'm running into similiar problems. My public URL is https, and after diabling ssl as mentioned in this post,the initial access to jts and ccm does take me to http:9080, but if i try to access the apps from within the jts I am redirected to https:9443.

Thanks

permanent link
Alex Chalini (61) | answered May 11 '11, 7:44 a.m.
fairplay, after your last changes, were you able to use unsecured connections ?

permanent link
Aaron Allsbrook (71157) | answered May 11 '11, 1:03 p.m.
Is there additional information regarding the no SSL configuration support for RTC 3.0?

I have followed the help instructions but still having significant issues Fundamentally I want to access the CCM url without have to accept a security certificate.

The instructions only are concerned with turning the JTS web app from CONFIDENTIAL to NONE. Are there additional instructions for doing the same to the ccm application?

I have updated the web.xml for the ccm, updated the public uris in the two admin consoles....

Now the majority of my components fail with a

CRJAZ1135I Failed to find the service
"com.ibm.team.repository.service.compatibility.internal.IJtsConfigurationStateService"
with a matching filter "(validJtsConfig=true)". Use the
administrative UI to verify that the server and applications are
configured correctly.

permanent link
Christophe Elek (2.9k12921) | answered May 11 '11, 1:19 p.m.
JAZZ DEVELOPER


Now the majority of my components fail with a

CRJAZ1135I Failed to find the service
"com.ibm.team.repository.service.compatibility.internal.IJtsConfigurationStateService"
with a matching filter "(validJtsConfig=true)". Use the
administrative UI to verify that the server and applications are
configured correctly.


Was the public URI setup to https://myHostname or http://myhostanme
I suggest we install and configure with http://

permanent link
Aaron Allsbrook (71157) | answered May 11 '11, 1:30 p.m.


Now the majority of my components fail with a

CRJAZ1135I Failed to find the service
"com.ibm.team.repository.service.compatibility.internal.IJtsConfigurationStateService"
with a matching filter "(validJtsConfig=true)". Use the
administrative UI to verify that the server and applications are
configured correctly.


Was the public URI setup to https://myHostname or http://myhostanme
I suggest we install and configure with http://

The initial install was with https ....

Ive thought about the reinstall, with the public URI's set to http. I am confused now though based on the other instructions.

When during the install process do I change the server.xml and web.xml(s) files? Should I start the server once before I change them or not?

permanent link
Christophe Elek (2.9k12921) | answered May 11 '11, 1:44 p.m.
JAZZ DEVELOPER

When during the install process do I change the server.xml and web.xml(s) files? Should I start the server once before I change them or not?


I would configure server.xml and web.xml first, then connect to port 9080 and then configure the HTTP public URI instead of the HTTPS

permanent link
Stefano Antoniazzi (170711) | answered Aug 07 '14, 9:21 a.m.
  See the section "disabling SSL" here:

  1. If you use Apache Tomcat, make sure that you have started the Apache Tomcat server at least once.
  2. In the web.xml file, change all occurrences of CONFIDENTIAL to NONE.  Save the file. (both for ccm and jts)
  3. If you use Apache Tomcat, navigate to the Jazz-Team-Server-installation-directory/server/tomcat/conf directory.
    • Open the server.xml file in an editor.  Remove the redirectPort attribute from the 9080 Connector element.  Save the file. 
    • Restart the Apache Tomcat server.
  4. Verify that you can login via http://localhost:9080/jazz/admin without being redirected to https://localhost:9443/jazz/admin.

Your answer


Register or to post your answer.