You are here

Converting Skybot Scheduler to Run in SSL Mode

These instructions show you how to convert Skybot Scheduler® to run in secure sockets layer (SSL) mode. Additional information is available on the Apache Tomcat® website.

If you wish to use trusted certificate authority (CA) certificates, go to a CA website for information on generating the correct keys for a Tomcat® server.

Generating a Self-Signed Certificate

You must first generate or obtain a .keystore file and note the password.

  • The JAVA_HOME environment variable must be set to the location of a valid JVM. To do so, issue one of the following commands from a command prompt:
    • Windows:%JAVA_HOME%\bin\ keytool -keysize 2048 -genkey -alias skybot -keyalg RSA -keystore skybot.keystore
    • UNIX:$JAVA_HOME/bin/ keytool -keysize 2048 -genkey -alias skybot -keyalg RSA -keystore skybot.keystore
  • After creating a password, you will be asked for additional information. This information is not required. Press Enter to skip these questions.
  • Remember the password you entered while generating the key.
  • The resulting skybot.keystore file is located in your working directory.

Enabling the Certificate

  • End the Skybot Scheduler server.
  • Copy the skybot.keystore file into the ...\Skybot\Skybot Scheduler(*server on Linux)\conf folder.
  • Edit the server.xml file in the conf folder as follows:
    • Change the following settings in the Connector for protocol="HTTP/1.1":
      • port="8008" to "8443"
      • protocol="HTTP/1.1" to "org.apache.coyote.http11.Http11NioProtocol"
      • SSLEnabled="false" to "true"
      • scheme="http" to "https"
      • secure="false" to "true"
      • keystoreFile="conf/.keystore" to "conf/skybot.keystore"
      • keystorePass="robotMP" to "[password you created with the skybot.keystore]"
      • add ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
  • Change the redirectPort="8008" to "8443" in the Connector for protocol="AJP/1.3".
  • Save your changes to server.xml.
  • Start the Skybot Scheduler server.

After You Are Done

Change your browser links to use https (vs. http) and the correct port (8443):

https://xxx.xxx.xxx.xxx:8443/

where xxx.xxx.xxx.xxx is the IP address of your enterprise server.

 

Last Updated: Aug 17, 2014