Configuring the xFlow Interface to Connect to SSL based Micro Services
Article ID: 75104
Updated On:
Products
CA Service Desk Manager
CA Service Management - Service Desk Manager
Issue/Introduction
The steps below outline how to configure the xFlow interface to connect to SSL based Micro Services.
Environment
Release: 17.1 or higher
Component: CA Service Desk Manager
Resolution
Perform the following steps:
1. Backup the casm.conf.js and casm.conf.do-not-change.js files . The default location to access these files is:
C:\Program Files\CA\xFlow\APPS\Services\incidentmicroservice-<xxxx>\public\conf
2. Verify that SSL is enabled for Tomcat in CA Service Desk Manager.
3. Open the casm.conf.do-not-change.js file and do the following:
Find the text: api : {server : 'https://localhost:8080/'}, and modify the port number as 8443.
Save and close the file.
4. Open casm.conf.js file and configure the microservices that are required for your environment as below:
a. Find the text: api : {server : 'https://<hostname>:9004'}, and modify the port number as 9444.
b. Find the text: search : {server : 'https://<hostname>:9006'}, and modify the port number as 9446.
c. Find the text: websocket : {server : 'wss://<hostname>:9008'}, and modify the port number as 9448.
d. Find the text: sdm : {server : 'https://<hostname>/CAisd/pdmweb.exe'}, and add the port number 8443 to host name. For example, http://sdmhostname:8443/CAisd/pdmweb.exe.
e. Find the text: insights: {server : 'https://<hostname>:port'}, and add the port number 9452 to the host name. For example, http://insights:9452.
5. Save and close the file.
6. Navigate to: C:\Program Files\CA\xFlow\APPS\Services\insightmicroservice-17.1.705\conf
7. Open the application.conf file in a text editor.
8. Find the parameter Security headers.
9. Search for: play.filters.headers.frameOptions = "ALLOW-FROM <http://hostname:9002>"
10. Replace it with: play.filters.headers.frameOptions = "ALLOW-FROM <https://hostname:9444>"
11. Search for: play.filters.headers.contentSecurityPolicy = "child-src 'self' 'unsafe-inline' 'unsafe-eval' <http://hostname:9002>"
12. Replace it with: play.filters.headers.contentSecurityPolicy = "child-src 'self' 'unsafe-inline' 'unsafe-eval' <https://hostname:9444>"
13. Restart the xFlow Analyst Interface Service.
14. Verify you are able to access the xflow Analyst Interface <https://hostname:9444/>
1. Backup the casm.conf.js and casm.conf.do-not-change.js files . The default location to access these files is:
C:\Program Files\CA\xFlow\APPS\Services\incidentmicroservice-<xxxx>\public\conf
2. Verify that SSL is enabled for Tomcat in CA Service Desk Manager.
3. Open the casm.conf.do-not-change.js file and do the following:
Find the text: api : {server : 'https://localhost:8080/'}, and modify the port number as 8443.
Save and close the file.
4. Open casm.conf.js file and configure the microservices that are required for your environment as below:
a. Find the text: api : {server : 'https://<hostname>:9004'}, and modify the port number as 9444.
b. Find the text: search : {server : 'https://<hostname>:9006'}, and modify the port number as 9446.
c. Find the text: websocket : {server : 'wss://<hostname>:9008'}, and modify the port number as 9448.
d. Find the text: sdm : {server : 'https://<hostname>/CAisd/pdmweb.exe'}, and add the port number 8443 to host name. For example, http://sdmhostname:8443/CAisd/pdmweb.exe.
e. Find the text: insights: {server : 'https://<hostname>:port'}, and add the port number 9452 to the host name. For example, http://insights:9452.
5. Save and close the file.
6. Navigate to: C:\Program Files\CA\xFlow\APPS\Services\insightmicroservice-17.1.705\conf
7. Open the application.conf file in a text editor.
8. Find the parameter Security headers.
9. Search for: play.filters.headers.frameOptions = "ALLOW-FROM <http://hostname:9002>"
10. Replace it with: play.filters.headers.frameOptions = "ALLOW-FROM <https://hostname:9444>"
11. Search for: play.filters.headers.contentSecurityPolicy = "child-src 'self' 'unsafe-inline' 'unsafe-eval' <http://hostname:9002>"
12. Replace it with: play.filters.headers.contentSecurityPolicy = "child-src 'self' 'unsafe-inline' 'unsafe-eval' <https://hostname:9444>"
13. Restart the xFlow Analyst Interface Service.
14. Verify you are able to access the xflow Analyst Interface <https://hostname:9444/>
Additional Information
The above supplements the main article about xFlow and SSL, available here:
Feedback
Yes
No
Powered by
