Connecting via HTTPS
To connect via HTTPS you need to have Data Shaper Server.
You need to configure both the Server and Designer (in the case of Designer with its own certificate), or the Server alone (in the case of Designer without a certificate).
Designer has its Own Certificate
In order to connect to Data Shaper Server via HTTPS
when Designer must have its own certificate, create client and server keystores/truststores (note: the following guide is for Unix system):
- To generate these keys, execute the following script in the
bin
subdirectory of JDK or JRE wherekeytool
is located:
# SERVER
# create server key-store with private-public keys
keytool -genkeypair -alias server -keyalg RSA -keystore ./serverKS.jks \
-keypass p4ssw0rd -storepass p4ssw0rd -validity 900 \
-dname "cn=localhost, ou=DX, o=Clover, c=CR"
# exports public key to separated file
keytool -exportcert -alias server -keystore serverKS.jks \
-storepass p4ssw0rd -file server.cer
# CLIENT
# create client key-store with private-public keys
keytool -genkeypair -alias client -keyalg RSA -keystore ./clientKS.jks \
-keypass chodnik -storepass chodnik -validity 900 \
-dname "cn=Key Owner, ou=DX, o=Clover, c=CR"
# exports public key to separated file
keytool -exportcert -alias client -keystore clientKS.jks \
-storepass chodnik -file client.cer
# trust stores
# imports server cert to client trust-store
keytool -import -alias server -keystore clientTS.jks \
-storepass chodnik -file server.cer
# imports client cert to server trust-store
keytool -import -alias client -keystore serverTS.jks \
-storepass p4ssw0rd -file client.cer
(In these commands, localhost
is the default name of your Data Shaper Server. You can change the Server name by replacing the localhost
name in these commands by any other hostname.)
After that, copy the serverKS.jks
and serverTS.jks
files to the conf
subdirectory of Tomcat.
Then, copy the following code to the server.xml
file in this conf
subdirectory:
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="off" />
<Connector port="8443" maxHttpHeaderSize="7192"
maxThreads="150" minSpareThreads="25"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="true" sslProtocol="TLS"
SSLEnabled="true"
protocol="org.apache.coyote.http11.Http11NioProtocol"
keystoreFile="pathToTomcatDirectory/conf/serverKS.jks"
keystorePass="p4ssw0rd"
truststoreFile="pathToTomcatDirectory/conf/serverTS.jks"
truststorePass="p4ssw0rd"
/>
Now you can run Data Shaper Server by executing the startup
script located in the bin
subdirectory of Tomcat.
Configuring Data Shaper Designer
Now you need to copy the clientKS.jks
and clientTS.jks
files to any location.
After that, copy the following code to the end of the CloverDXDesigner.ini
file, which is stored in the Data Shaper Designer installation directory:
-Djavax.net.ssl.keyStore=locationOfClientFiles/clientKS.jks
-Djavax.net.ssl.keyStorePassword=chodnik
-Djavax.net.ssl.trustStore=locationOfClientFiles/clientTS.jks
-Djavax.net.ssl.trustStorePassword=chodnik
Now, when you start your Data Shaper Designer, you will be able to create your Data Shaper Server projects using the following default connection to the Server: https://localhost:8443/clover
where both login name and password are clover.
Designer does not have its Own Certificate
In order to connect to Data Shaper Server via HTTPS
when Designer does not need to have its own certificate, you only need to create a server keystore.
To generate this key, execute the following script (version for Unix) in the bin
subdirectory of JDK or JRE where keytool
is located:
keytool -genkeypair -alias server -keyalg RSA -keystore ./serverKS.jks \
-keypass p4ssw0rd -storepass p4ssw0rd -validity 900 \
-dname "cn=localhost, ou=DX, o=Clover, c=CR"
(In these commands, localhost
is the default name of your Data Shaper Server, if you want any other Server name, replace the localhost
name in these commands by any other hostname.)
After that, copy the serverKS.jks
file to the conf
subdirectory of Tomcat.
Then, copy the following code to the server.xml
file in this conf
subdirectory:
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="off" />
<Connector port="8443" maxHttpHeaderSize="7192"
maxThreads="150" minSpareThreads="25"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="SSL"
SSLEnabled="true"
protocol="org.apache.coyote.http11.Http11NioProtocol"
keystoreFile="pathToTomcatDirectory/conf/serverKS.jks"
keystorePass="p4ssw0rd"
/>
Now you can run Data Shaper Server by executing the startup
script located in the bin
subdirectory of Tomcat.
And, when you start your Data Shaper Designer, you will be able to create your Data Shaper Server projects using the following default connection to Server: https://localhost:8443/clover
where both login name and password are clover.
You will be prompted to accept the Server certificate. Now you can create a Data Shaper Server project.
Updated 4 months ago