Configure Transact SSL/TLS with generated certificates

To configure Transact, modify the following files to use SSL/TLS with generated certificates.

Before modifying a file, create a backup.

server.xml

  1. Locate the server.xml file in <Transact_Folder>\JavaAppServer\conf.
  2. Open the server.xml in an editor and locate the existing HTTP/HTTPS connector in the <Connector> tag.

    The element is similar to:

    <Connector port="8080" protocol="HTTP/1.1"
    connectionTimeout="900000" redirectPort="8443" compression="on"
    noCompressionUserAgents="gozilla, traviata"
    compressionMimeType="text/html, text/xml, text/css, text/javascript, image/jpg, image/png"
    maxThreads="200" maxKeepAliveRequests="200" maxPostSize="4194304"/>
  3. Comment out the existing connector by surrounding the connector tag in comment tags (<!-- -->).
  4. Locate the comment "Connector for enabling PIV/CAC configuration" and uncomment the <Connector> element below it. This version of the <Connector> tag begins like this:
    <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"…

    This connector includes the following configurable properties:

    Property               Value
    protocol               org.apache.coyote.http11.Http11NioProtocol
    port                   8080 (or 8443). You can change the port from the default 8080 but note the change for other procedures.
    maxThreads             2000
    clientAuth             false
    scheme                 https
    keepAliveTimeout       -1
    connectionTimeout      900000
    secure                 true
    SSLEnabled             true
    sessionTimeout         30
    truststoreFile         Complete path of truststore file location. Example: C:\Ephesoft\certs\truststore.jks
    truststorePass         Password for truststore.
    keystoreFile           Complete path of keystore file location. Example: C:\Ephesoft\certs\truststore.jks
    keystorePass           Password for keystore.
    maxKeepAliveRequests   200

    Replace the path of the certificates with the actual certificate locations.

dcma-batch.properties

  1. Locate and back up the dcma-batch.properties file in <Transact_Folder>\Application\WEB-INF\classes\META-INF.
  2. Update the batch.base_http_url property to include the https protocol, the correct port, and the correct host name.
    batch.base_http_url=https\://localhost\:8443/dcma-batches

    The batch.base_http_url must include /dcma after the port, such as:

    batch.base_http_url=https\://localhost\:8443/dcma/dcma-batches

dcma-workflows.properties

  1. Locate the dcma-workflows.properties file in <Transact_Folder>\Application\WEB-INF\classes\META-INF.
  2. Update the wb.hostURL property to include the https protocol, the correct port, and the correct host name.
    wb.hostURL=https://localhost:8443/dcma/rest

web.xml

Only modify web.xml if you changed the port from the default of 8080.

  1. Locate the web.xml file in <Transact_Folder>\Application\WEB-INF.
  2. Modify the following <context-param> entries:

    Parameter name: port
    Updated value: Enter the port listed in the server.xml file. Update this only if you have updated the port number.

    <context-param>
       <param-name>port</param-name>
       <param-value>8443</param-value>
    </context-param>

    Parameter name: protocol
    Updated value: Enter https.

    <context-param>
       <param-name>protocol</param-name>
       <param-value>https</param-value>
    </context-param>
  3. Restart the Transact service.
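
The four files above must agree on protocol and port, and a stale value in one of them is easy to miss. The following is an added example, not part of the original page or of Transact: a Python check that compares the active TLS connector in server.xml with the URLs in both properties files and the web.xml parameters. The function names prop and check are hypothetical, and the embedded file contents are constructed samples.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample inputs (not from a real installation).
SERVER_XML = """<Server><Service name="Catalina"><Connector port="8443" scheme="https"
  protocol="org.apache.coyote.http11.Http11NioProtocol" secure="true" SSLEnabled="true"/>
</Service></Server>"""
BATCH_PROPS = r"batch.base_http_url=https\://localhost\:8443/dcma/dcma-batches"
WORKFLOW_PROPS = "wb.hostURL=https://localhost:8080/dcma/rest"  # stale port on purpose
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <context-param><param-name>port</param-name><param-value>8443</param-value></context-param>
  <context-param><param-name>protocol</param-name><param-value>https</param-value></context-param>
</web-app>"""

def prop(text, key):
    """Return a Java .properties value with backslash escapes (such as \\:) undone."""
    m = re.search(rf"^{re.escape(key)}\s*[=:]\s*(.*)$", text, re.M)
    return re.sub(r"\\(.)", r"\1", m.group(1).strip()) if m else None

def check(server_xml, batch_props, workflow_props, web_xml):
    """Return a list of mismatches between the four files; empty means consistent."""
    tls = [c for c in ET.fromstring(server_xml).iter("Connector")  # XML comments are skipped
           if c.get("SSLEnabled", "").lower() == "true"]
    if not tls:
        return ['server.xml: no active Connector with SSLEnabled="true"']
    port, problems = tls[0].get("port"), []
    for attr, want in (("scheme", "https"), ("secure", "true")):
        if tls[0].get(attr) != want:
            problems.append(f"server.xml: {attr} should be {want}")
    for name, text, key in (("dcma-batch.properties", batch_props, "batch.base_http_url"),
                            ("dcma-workflows.properties", workflow_props, "wb.hostURL")):
        url = urlsplit(prop(text, key) or "")
        if url.scheme != "https":
            problems.append(f"{name}: {key} is not https")
        if str(url.port) != port:
            problems.append(f"{name}: {key} port {url.port} != connector port {port}")
    if not urlsplit(prop(batch_props, "batch.base_http_url") or "").path.startswith("/dcma/"):
        problems.append("dcma-batch.properties: URL must include /dcma after the port")
    root = ET.fromstring(re.sub(r'\sxmlns="[^"]+"', "", web_xml, count=1))  # drop default namespace
    params = {p.findtext("param-name"): p.findtext("param-value") for p in root.iter("context-param")}
    if params.get("port") != port:
        problems.append(f"web.xml: port {params.get('port')} != connector port {port}")
    if params.get("protocol") != "https":
        problems.append("web.xml: protocol is not https")
    return problems

if __name__ == "__main__":
    print("\n".join(check(SERVER_XML, BATCH_PROPS, WORKFLOW_PROPS, WEB_XML)) or "consistent")
```

To run it against an installation, read the four files from the folders named in the steps above and pass their contents to check in place of the samples.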