Appendix B- Configuring HTTPS Communication with Spectrum Spatial

This appendix describes how to configure Spectrum Spatial Analyst to use HTTPS communications whilst communicating with the backend Spectrum Spatial instance. A pre-requisite is that the Spectrum Platform must already have been configured to use HTTPS. If this has not yet been done please see the relevant sections in the Spectrum Spatial Guide on configuring HTTPS for Spectrum and the Map Uploader.
By default, Spectrum Spatial Analyst uses the HTTP channel for communication with Spectrum Spatial web services. You can configure Spectrum Spatial Analyst to use HTTPS if you want to secure the network communications between Analyst & Spectrum Spatial. The steps are given below:
  1. Stop Spectrum Spatial Analyst services.
  2. Open shared.properties file in <AnalystLocation>/customerconfigurations/globaldirectory.
  3. Ensure that all the URLs having Spectrum Spatial server host name starts with https.

You have to import the CA certificate into the Java trust store if Spectrum Spatial Server is using a Self-signed certificate. Spectrum Spatial Analyst uses the default Java trust store located in <JAVA_HOME%>/jre/lib/security/cacerts.You can use the Java keytool utility to import CA Certificateinto the trust store as shown below:

  1. keytool -importcert-alias CA -file cacert.der -keystore cacerts
  2. Enter password for the cacerts. The default password is changeit
  3. Verify the imported CA certificate by executing this command:
    keytool -list -v -keystore cacert

Now, restart the Spectrum Spatial Analyst services.