Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space IDS and version 8.2.0

Creating the Certificate Key Store for SSL

If you have a production-ready SSL certificate, it is easiest to store it in a keystore.pfx file that is saved in $WILDFLY_HOME/standalone/configuration/keystore.pfx. If you don't have a production ready server certificate, then you can either create a temporary self-signed one using cert.cmd, to get you started with testing, or buy a production certificate from, for example: https://www.globalsign.com/en/ssl/.
The script cert.cmd will generate a self-signed certificate and deposit it in a key store file called keystore.pfx. This file is saved in $WILDFLY_HOME/standalone/configuration/keystore.pfx.

Code Block
languagetext
themeRDark
cd /usr/local/ubisecure/customerid/tools
./cert.sh

If you are using self-signed certificates (like the one provided by default in the installation of Ubisecure SSO) also with Ubisecure SSO you need to import the public key into the Java certificate store (${JRE_HOME}/lib/security/cacerts file).

Setting WildFly UndertowRealm

Locate the script config-wildfly.sh and run it. This will relocate HTTP and HTTPS ports according to configuration that was specified in linux.config and set up the references to the key store containing the server certificate. It will also set host aliases. Make sure that all phases finish with a success status. 

Code Block
languagetext
themeRDark
cd /usr/local/ubisecure/customerid/tools
./config-wildfly.sh

After these steps you can open a browser to the server's HTTPS port and verify that the connection is over HTTPS and check that the certificate information is what you would expect it to be under the circumstances.

Setting Up customerid.home System Property for WildFly

WildFly requires the customerid.home system property in order to locate relevant configuration files. There are a number of different ways to achieve this, but the easiest way is to just run the register-customerid-home.sh from tools folder. 

...

languagetext
themeRDark

...

See instructions from CustomerID WildFly System Property Registration On Linux.

Setting Up Audit and Diagnostic Logging

Starting from Ubisecure CustomerID 5.0.x, logging is managed centrally via the WildFly J2EE container. The script setup-logging.sh contacts WildFly management port and then sets up logging configuration to redirect Ubisecure CustomerID specific log entries to separate files. To set up logging, run the following commands in a command prompt: 

Code Block
languagetext
themeRDark
cd /usr/local/ubisecure/customerid/tools
./setup-logging.sh

Setting Up a Mail Session

The mail session is set up by executing the script create-mail-session.sh

Code Block
languagetextthemeRDark
cd /usr/local/ubisecure/customerid/tools
./create-mail-session.sh

...