User guide
ManageEngine Firewall Analyzer :: User Guide
284
Zoho Corp.
Configuring Secure Communication - SSL
The SSL protocol provides several features that enable secure transmission of Web
traffic. These features include data encryption, server authentication, and message
integrity.
You can enable secure communication from web clients to the Firewall Analyzer server
using SSL.
The steps provided describe how to enable SSL functionality and generate
certificates only. Depending on your network configuration and security needs, you
may need to consult outside documentation. For advanced configuration concerns,
please refer to the SSL resources at http://www.apache.org and
http://www.modssl.org
• Generating a valid certificate
• Disabling HTTP
• Enabling HTPPS (SSL)
• Verifying SSL Setup
• Configuring HTTPS Configuration Parameters for 64 bit/128 bit
encryption
• Using the existing SSL certificate
• How to install SSL certificate for Firewall Analyzer
Generating a valid certificate
Stop the server, if it is running.
Follow the instructions given below for SSL Installation:
If you have a keystore file for using HTTPS, place the file under <Firewall Analyzer
Home>\server\default\conf directory and rename it as "chap8.keystore"
Disabling HTTP
When you have enabled SSL, HTTP will continue to be enabled on the web server port
(default 8080). To disable HTTP follow the steps below:
1. Edit the server.xml file present in <Firewall Analyzer
Home>/server/default/deploy/jbossweb-tomcat50.sar directory.
2. Comment out the HTTP connection parameters, by placing the <!-- tag before,
and the --> tag after the following lines:
<Connector port="8080" address="${jboss.bind.address}"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"/>