These instructions show you how to convert Skybot Scheduler® to run in secure sockets layer (SSL) mode. Additional information is available on the Apache Tomcat® website.
If you wish to use trusted certificate authority (CA) certificates, go to a CA website for information on generating the correct keys for a Tomcat® server.
Generating a Self-Signed Certificate
You must first generate or obtain a .keystore file and note the password.
- The JAVA_HOME environment variable must be set to the location of a valid JVM. To do so, issue one of the following commands from a command prompt:
%JAVA_HOME%\bin\ keytool -keysize 2048 -genkey -alias skybot -keyalg RSA -keystore skybot.keystore
$JAVA_HOME/bin/ keytool -keysize 2048 -genkey -alias skybot -keyalg RSA -keystore skybot.keystore
- After creating a password, you will be asked for additional information. This information is not required. Press Enter to skip these questions.
- Remember the password you entered while generating the key.
- The resulting skybot.keystore file is located in your working directory.
Enabling the Certificate
- End the Skybot Scheduler server.
- Copy the skybot.keystore file into the ...\Skybot\Skybot Scheduler(*server on Linux)\conf folder.
- Edit the server.xml file in the conf folder as follows:
- Change the following settings in the Connector for protocol="HTTP/1.1":
- port="8008" to "8443"
- protocol="HTTP/1.1" to "org.apache.coyote.http11.Http11NioProtocol"
- SSLEnabled="false" to "true"
- scheme="http" to "https"
- secure="false" to "true"
- keystoreFile="conf/.keystore" to "conf/skybot.keystore"
- keystorePass="robotMP" to "[password you created with the skybot.keystore]"
- add ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- Change the redirectPort="8008" to "8443" in the Connector for protocol="AJP/1.3".
- Save your changes to server.xml.
- Start the Skybot Scheduler server.
After You Are Done
Change your browser links to use https (vs. http) and the correct port (8443):
where xxx.xxx.xxx.xxx is the IP address of your enterprise server.