MaryKayTopp

need to change from HTTP to HTTPS logins but getting errors

Discussion created by MaryKayTopp on Jun 13, 2011
Latest reply on Jul 7, 2011 by Hiko_Davis
I was following the information in the Introscope8.2.3.0ConfigAdminGuide for SSL but I am getting errors. - we need to change our Introscope workstation and webview logins from HTTP to HTTPS to meet encryption requirements for apps but when I change the webstart settings under # Port Settings in the IntroscopeEnterpriseManager.properties file I get errors in the logs saying [ERROR] [WebView] WebView failed to authenticate. Make sure the EM is configured to allow WebView connections. com.wily.isengard.messageprimitives.ConnectionException

These are the settings I have set
# Use this to enable both the default channel and secure channel.
introscope.enterprisemanager.enabled.channels=channel1,channel2

# Location of a keystore containing certificates for authenticating the EM to clients.
# Either an absolute path or a path relative to the config directory.
# On Windows, backslashes must be escaped. For example:
CHANGED TO ABSOLUTE PATH
introscope.enterprisemanager.keystore.channel2=E:\\Introscope2\\config\\internal\\server\\keystore

# This property is used for Workstations launched via Java Web Start, to set
# the communication port used for communicating with the Enterprise Manager.
introscope.enterprisemanager.workstation.connection.channel=channel1
CHANGED TO channel2

Also our network security group is asking an ARP Poisoning question as they are watching ports 80/443/8080/8081/5001and we are using workstation web start. They are not seeing any of the Introscope log-in traffic. They're asking "How do they evade arp posioning or Man-in-the-middle attacks on their log on page" Tell them we were monitoring traffic between your PC and the Application server, and were trying to imitate stealing your credentials. We were unable to see the traffic for whatever reason.

Outcomes