Configuring HTTPS for Knova

Overview

This article explains how to configure HTTPS for Knova Knowledge Management Application versions 8.x. You must first acquire an SSL certificate from a third-party and save in a folder on your hard drive.

Solution

  1. Log in to the Admin Server as an Administrator user with privileges to run Apache Tomcat.
  2. Open <TomcatInstallationFolder>\conf\server.xml and add a new connector port.
    The following example adds a new connector that uses port 8443 (note that keystore-path represents the folder storing the keystore file):
    <Connectorport="8443" scheme="https"
    secure="true"
    SSLEnabled="true"
    keystoreFile="[keystore-path]"
    keystorePass="[keystore-password]"
    sslProtocol="TLS"
    maxSpareThreads="75"
    enableLookups="false"
    disableUploadTimeout="true"
    acceptCount="100"
    maxThreads="150"
    minSpareThreads="25"
    clientAuth="false"
    URIEncoding="UTF-8"/>
  3. In the server.xml file, delete the connector port for port 8080.
  4. Open the <ConsonaKMApplication>\web.config file for Knova KM Administrator, Knova Knowledge Central, and Knova Self-Service. Replace all occurrences of HTTP with HTTPS and all occurrences of server port 8080 with 8443.
  5. Open the <ConsonaKMInstallationFolder>\<ConsonaKMApplication>\<ApplicationShortcut>.url file for Knova KM Administrator, Knova Knowledge Central, and Knova Self-Service, and replace all occurrences of HTTP with HTTPS and all occurrences of server port 8080 with 8443. Application shortcuts are the following:
    • l admin.url for Consona KM Administrator
    • l ksc.url for Consona Knowledge Central
    • l kss.url for Consona Self-Service
  6. On Consona KM Administrator home page, navigate to Administer System > Advanced Task Manager.
  7. Under Configuration Settings, click Platform Configuration Manager. Replace all occurrences of HTTP with HTTPS and all occurrences of server port 8080 with 8443.
  8. Save your changes are restart the application.
  9. Import your SSL certificate into the Java Runtime Environment (JRE) used by Knova KM system. Run the following command from the Java /bin directory:
    keytool -import -alias <alias> -keystore ..\lib\security\cacerts -file <certificatepath>
    NOTE: If there is more than one JRE and you are not sure which one is used by the Knova KM system, import the certificate into all JREs.
  10. Repeat step 9 for all Web Application Servers and Web Servers.
  11. Log on to the Analytics Server and modify the qv_settings.xml file by replacing HTTP with HTTPS and 8080 with 8443 for Kettle adminURL.
  12. Add your SSL certificate as a trusted Certificate Authority on the Analytics Server. The certificate must also be added into trusted root CA on the Analytics Server for the user who starts QlikView Server.

    Now you should be able to access the applications by replacing HTTP with HTTPS in the URLs. E.g.:
    https://hostname:8443/administrator
    https://hostname:8443/knowledgecentral
    https://hostname:8443/selfservice

Comments

0 comments

Please sign in to leave a comment.