Date Posted:
Product: TIBCO Spotfire®
Product: TIBCO Spotfire®
Problem:
Troubleshooting Guide for issues when HTTPS configuration on the TIBCO Spotfire Server is not working
Solution:
After attempting to configure the TIBCO Spotfire Server to use HTTPS using the documentation Configuring HTTPS, if you are still facing issues, like the TIBCO Spotfire Server HTTPS URL will not load successfully, then check the following steps to verify the configuration process.
First, ensure that you have copied the keystore file to the "<server installation path>/tomcat/certs" folder. We suggest using the server's hostname as the keystore filename.
Settings to be verified in "server.xml" located in <server installation path>/tomcat/conf folder:
Settings to be verified in Microsoft Management Console(mmc):
Doc: Configuring HTTPS
Settings to be verified in "server.xml" located in <server installation path>/tomcat/conf folder:
- Check if the correct path is specified for the "certificateKeystoreFile" parameter. If you think there is an issue with that, then please try using the absolute path instead of the relative path.
- Check if the "certificateKeystoreType" parameter matches the properties of the keystore file.
- Check if a keyalias is mentioned while issuing the certificate which should be used as "certificateKeyAlias". If there is no alias assigned while issuing the certificate, then the "certificateKeyAlias" parameter is not needed.
Settings to be verified in Microsoft Management Console(mmc):
- Launch MMC console in the Spotfire server machine > Add a snap-in > Select certificates > Click OK > Go to Trusted Root certification authorities > Select Actions > All tasks > Import > Import the certificate from <server installation path>/tomcat/certs folder for the computer account > Click Finish.
- Check for any duplicate certificates in MMC console. Delete the existing certificate in MMC (if it is issued for the same server and got expired) and import the latest CA issued certificate from <server installation path>/tomcat/certs folder for the computer account.
Comments
0 comments
Article is closed for comments.