3.12 How to Enable HTTPS on PowerCenter Admin Console

How to Enable

HTTPS on PowerCenter Admin Console

11.   Generate a keystore file.

Provide valid values for CN, OU, O, L, S, C when prompted. The
value for CN is the host name of the server where PowerCenter is installed. It
can be a fully qualified name or just the host name depending on how you access
the Administration Console.

 

 

[infadev@infadev
9.6.1]$ cd /sbx/informatica/9.6.1/java/jre/bin

[infadev@infadev
bin]$ keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -validity 1000
-keystore tomcat.keystore

Enter
keystore password:

Re-enter
new password:

What
is your first and last name?

  [Unknown]: 
Infa

What
is the name of your organizational unit?

  [Unknown]: 
Infa

What
is the name of your organization?

  [Unknown]: 
Infa

What
is the name of your City or Locality?

  [Unknown]: 
Infa

What
is the name of your State or Province?

  [Unknown]: 
CA

What
is the two-letter country code for this unit?

  [Unknown]: 
US

Is
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US correct?

  [no]: 
Y

Enter
key password for

        (RETURN if same as keystore password):

Re-enter
new password:

[infadev@infadev
bin]$

[infadev@infadev
bin]$ ls -ltr tomcat*

-rw-rw-r–
1 infadev uxa_info_sbx_adm_l 2201 Oct 23 16:39 tomcat.keystore

[infadev@infadev
bin]$

22.   View the contents of the keystore:

 

[infadev@infadev
bin]$ keytool -list -v -alias tomcat -keystore tomcat.keystore

Enter
keystore password:

Alias
name: tomcat

Creation
date: Oct 23, 2017

Entry
type: PrivateKeyEntry

Certificate
chain length: 1

Certificate[1]:

Owner:
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US

Issuer:
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US

Serial
number: 111ef740

Valid
from: Mon Oct 23 16:39:26 CDT 2017 until: Sun Jul 19 16:39:26 CDT 2020

Certificate
fingerprints:

        

         Version: 3

 

Extensions:

 

#1:
ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier
[

KeyIdentifier
[

]

]

33.  Self-signed Certificate

Generate a self-signed certificate using the MD5 algorithm and add
it to the keystore. (Note: Enter the password which was provided in step 1 when
prompted)

 

[infadev@infadev bin]$ keytool
-selfcert -alias  tomcat -sigalg
“SHA256withRSA” -keypass Changeme1 -storepass Changeme1 -validity 365
-dname “CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US” -keystore
tomcat.keystore

  1. View the contents of the
    keystore:

 

 

[infadev@infadev
bin]$ keytool -list -v -alias tomcat
-keystore tomcat.keystore

Enter
keystore password:

Alias
name: tomcat

Creation
date: Oct 23, 2017

Entry
type: PrivateKeyEntry

Certificate
chain length: 1

Certificate[1]:

Owner:
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US

Issuer:
CN=Infa, OU=Infa, O=Infa, L=Infa, ST=CA, C=US

Serial
number: 32bc32f8

Valid
from: Mon Oct 23 16:47:09 CDT 2017 until: Tue Oct 23 16:47:09 CDT 2018

Certificate
fingerprints:

         Version: 3

 

Extensions:

 

]

]

 

 

Step 5 : Copy the generated keystore file
to the INFA_HOME/tomcat/conf directory on the server.

 

Step 6: Shut down the node process by running infaservice.sh
shutdown
.

 

Step 7: CD to the INFA_HOME/server directory, and run the
updateGatewayNode command. Please take a backup of the
INFA_HOME/isp/config/nodemeta.xml file before running this command.

 

./infasetup.sh updategatewaynode -da DBHost:1521 -du INFDOM -dp dbpwd
-ds infapp -dn Domain_dev -hs 8443 -kf
/sbx/informatica/9.6.1/tomcat/conf/tomcat.keystore -kp Changeme1

 

 

Step 8: Start Node

 

Step 9: Log into Admin Console with
host:port address –  The page should redirect to the
HTTPS URL.