Monday, September 10, 2012

Configure Apache Rave for SSL

I had to do $subject for the oa4mp integration work that I am currently doing with Rave. I had to do some configuration changes to get SSL working with Rave. Following are the instructions on how to $subject.

Enabling SSL in Tomcat

Following instructions demonstrate how to get Tomcat 6 running over SSL using a self signed certificate.
  • Find the reverse DNS (of the IP address )of the machine in which you are going to install.
$ host your-ip-address
  •  Then you'll be getting the reverse DNS of the IP address you gave.
  • Generate a self signed certificate that you'll use with Tomcat.
keytool -genkey -alias tomcat -keyalg RSA -validity 365 -storepass changeit -keystore $JAVA_HOME/jre/lib/security/cacerts

What is your first and last name?
What is the name of your organizational unit?
  [Unknown]:  SGG
What is the name of your organization?
  [Unknown]:  IU
What is the name of your City or Locality?
  [Unknown]:  Bloomington
What is the name of your State or Province?
  [Unknown]:  IN
What is the two-letter country code for this unit?
  [Unknown]:  US
Is, OU=SGG, O=IU, L=Bloomington, ST=IN, C=US correct?
  [no]:  yes

Enter key password for
        (RETURN if same as keystore password):
  • Edit Tomcats server.xml to enable an SSL listener on port 443 using our alternate cacerts file. By default Tomcat looks for a certificate with the alias "tomcat" which is what we used to create our self signed certificate. (uncommented the HTTPS connector and configured it to use our custom cacerts file)

<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           keystoreFile="$JAVA_HOME/jre/lib/security/cacerts" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS" />

Configure Apache Rave and Shindig to run over SSL.

1. Configure properties files.
  • Edit the file to configure Apache Rave to use SSL. (updated the following values at the top of the config file with)
Edit the and  container.js files to configure Shindig to use SSL.
  • The changes to container.js are - search and replace of http:// with https://
  • Updated the following values at the top of the config file with.

2. Update the rave-portal pom.
  • Add the following configuration to the cargo plugin. It uses the tomcat server.xml file (configured in the first section) give in the configuration to startup a Tomcat instance.
  • Build raven project.
mvn clean install
  • Move to the rave-portal module and start Rave using the Cargo plugin.
cd rave-portal
mvn cargo:start
  • Log into the portal using the login page.