Appendix B- Configuring HTTPS Communication with Spectrum Spatial
This appendix describes how to configure Spectrum Spatial Analyst to use HTTPS
communications whilst communicating with the backend Spectrum Spatial instance. As a
prerequisite, the Spectrum Platform must already be configured to use HTTPS. If this has
not yet been done please see the relevant sections in the Spectrum Spatial Guide on
configuring HTTPS for Spectrum and the Map Uploader.
By default,
Spectrum Spatial Analyst uses the HTTP channel for communication with Spectrum
Spatial web services. You can configure Spectrum Spatial Analyst to use HTTPS
if you want to secure the network communications between Analyst and Spectrum
Spatial. The steps are given below:
- Stop Spectrum Spatial Analyst services.
- Open
shared.properties
file in<AnalystLocation>/customerconfigurations/global
directory. - Ensure that all the URLs having Spectrum Spatial server host name starts with https.
You have to import the CA certificate into the Java trust store if Spectrum Spatial Server is
using a Self-signed certificate. Spectrum Spatial Analyst uses the default Java
trust store located in <JAVA_HOME%>/jre/lib/security/cacerts
.You can
use the Java keytool utility to import CA Certificate into the trust store as shown
below:
- keytool -importcert-alias CA -file cacert.der -keystore cacerts
- Enter password for the cacerts. The default password is
changeit
- Verify the imported CA certificate by executing this
command:
keytool -list -v -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -alias (alias value given in step 1)
Now, restart the Spectrum Spatial Analyst services.