HTTP to HTTPS Redirection

HTTP to HTTPS Redirection

Below mentioned steps will allow you to redirect all the HTTP(port 80) requests on
OpManager
application (e.g. http://localhost) to HTTPS(port 443) (https://localhost). Before proceeding, ensure your SSL certificate is successfully installed so you can access OpManager through https://localhost.

Note: Take a backup of the files before replacing in the actual location.

 

1. Stop the OpManager Service.

2. Go to the folder C:\ManageEngine\OpManager\conf and edit the file server.xml with WordPad. Search with "<Service name="Catalina">" and add the below entry under the existing connector.

    <Connector port="80"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" redirectPort="443" acceptCount="100"
               debug="3" connectionTimeout="1800000"
               disableUploadTimeout="true" />

3.  After the changes, the file entry should be as below 



4.  You can replace the port 80 if the http redirection should be in different port and the https redirectPort is 443 and save the file.

5. Go to the folder C:\ManageEngine\OpManager\WEB-INF\web.xml. Edit the web.xml file and search for the content below and add the lines in  highlighted.

<security-constraint>
        <web-resource-collection>
            <web-resource-name>Secured Core Context</web-resource-name>
            <url-pattern>*.do</url-pattern>
            <url-pattern>*.cc</url-pattern>
            <url-pattern>*.ma</url-pattern>
            <url-pattern>*.ve</url-pattern>
            <url-pattern>*.pdf</url-pattern>
            <url-pattern>*.csv</url-pattern>
            <url-pattern>*.de</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>*</role-name>
        </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>INTEGRAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
 
7. Start the OpManager Service.

      New to ADSelfService Plus?

        Resources

            • Related Articles

            • HTTP Server Prone To Slow Denial Of Service Attack(CVE-2007-6750 CVE-2012-5568)

              Few third party vulnerability scanning tools has reported that OpManager has this DOS vulnerability CVE-2007-6750 CVE-2012-5568. TOMCAT developers have mentioned that it is not a vulnerability in TOMCAT and they don't have the plans to to fix it. ...
            • Adding UCS device discovery/Failure related problems

              OpManager supports only UCS Manager. It doesn't support Cisco Integrated Control Manager. You can check this by accessing the below URL, https://UCSIP:PortNumber, eg: https://192.168.10.1:443 The page that opens up should be the UCS Manager and the ...
            • How to generate Support information file in OpManager

              To generate Support information file:  Mouse over  to Support Tab on top right corner after login to OpManager webclient> Click Support > Support information file >once the file is generated  click send. Support information file will be uploaded to ...
            • Compatible modems for Modem based SMS in OpManager

              We have announced End-of-Support for this feature on Oct 31 st 2018.  Please refer this forum post for details and other alternatives. https://pitstop.manageengine.com/portal/community/topic/end-of-support-for-modem-based-sms-and-appsms-notifications ...
            • Steps for enabling Self Signed SSL in OpManager 12 Enterprise Edition

              Steps to enable SSL for OpManagerCentral  Stop OpManagerCentral Open a command prompt (Run > cmd) and change directory to /OpManagerCentral/bin. Execute the following command   ssl_gen.bat -f Enable Start OpManagerCentral Now we have successfully ...