You are here

Converting Skybot Scheduler to Run in SSL Mode

These instructions show you how to convert Skybot Scheduler® to run in secure sockets layer (SSL) mode. Additional information is available on the Apache Tomcat® website.

If you wish to use trusted certificate authority (CA) certificates, go to a CA website for information on generating the correct keys for a Tomcat® server.

Generating a Self-Signed Certificate

You must first generate or obtain a .keystore file and note the password.

  • The JAVA_HOME environment variable must be set to the location of a valid JVM. To do so, issue one of the following commands from a command prompt:
    • Windows:%JAVA_HOME%\bin\ keytool -keysize 2048 -genkey -alias skybot -keyalg RSA -keystore skybot.keystore
    • UNIX:$JAVA_HOME/bin/ keytool -keysize 2048 -genkey -alias skybot -keyalg RSA -keystore skybot.keystore
  • After creating a password, you will be asked for additional information. This information is not required. Press Enter to skip these questions.
  • Remember the password you entered while generating the key.
  • The resulting skybot.keystore file is located in your working directory.

Enabling the Certificate

  • End the Skybot Scheduler server.
  • Copy the skybot.keystore file into the ...\Skybot\Skybot Scheduler(*server on Linux)\conf folder.
  • Edit the server.xml file in the conf folder as follows:
    • Change the following settings in the Connector for protocol="HTTP/1.1":
      • port="8008" to "8443"
      • protocol="HTTP/1.1" to "org.apache.coyote.http11.Http11NioProtocol"
      • SSLEnabled="false" to "true"
      • scheme="http" to "https"
      • secure="false" to "true"
      • keystoreFile="conf/.keystore" to "conf/skybot.keystore"
      • keystorePass="robotMP" to "[password you created with the skybot.keystore]"
      • add ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
  • Change the redirectPort="8008" to "8443" in the Connector for protocol="AJP/1.3".
  • Save your changes to server.xml.
  • Start the Skybot Scheduler server.

After You Are Done

Change your browser links to use https (vs. http) and the correct port (8443):

https://xxx.xxx.xxx.xxx:8443/

where xxx.xxx.xxx.xxx is the IP address of your enterprise server.

 

Still have questions? You can contact one of our Skybot Technical Support team members by using the live chat window, emailing us at support.skybot@helpsystems.com, or calling +1 952-746-4786 in the U.S. Outside the U.S., call +44 (0) 870 120 3148.

Last Updated: Aug 17, 2014