Appendix B- Configuring HTTPS Communication with Spectrum Spatial

This appendix describes how to configure Spectrum Spatial Analyst to use HTTPS communications whilst communicating with the backend Spectrum Spatial instance. As a prerequisite, the Spectrum Platform must already be configured to use HTTPS. If this has not yet been done please see the relevant sections in the Spectrum Spatial Guide on configuring HTTPS for Spectrum and the Map Uploader.
By default, Spectrum Spatial Analyst uses the HTTP channel for communication with Spectrum Spatial web services. You can configure Spectrum Spatial Analyst to use HTTPS if you want to secure the network communications between Analyst and Spectrum Spatial. The steps are given below:
  1. Stop Spectrum Spatial Analyst services.
  2. Open shared.properties file in <AnalystLocation>/customerconfigurations/globaldirectory.
  3. Ensure that all the URLs having Spectrum Spatial server host name starts with https.

You have to import the CA certificate into the Java trust store if Spectrum Spatial Server is using a Self-signed certificate. Spectrum Spatial Analyst uses the default Java trust store located in <JAVA_HOME%>/jre/lib/security/cacerts.You can use the Java keytool utility to import CA Certificate into the trust store as shown below:

  1. keytool -importcert-alias CA -file cacert.der -keystore cacerts
  2. Enter password for the cacerts. The default password is changeit
  3. Verify the imported CA certificate by executing this command:
    keytool -list -v -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -alias (alias value given in step 1)

Now, restart the Spectrum Spatial Analyst services.