Knowledge Base - Technical Articles


Technical Article   HowTo:  Setup ArcGIS Server for the Java Platform with an external Apache Tomcat Web Server with SSL

Article ID: 37625
Software:  ArcGIS Server 9.3.1, 10
Platforms:  Solaris 10

Summary

Instructions provided describe how to set up SSL encryption on an external Apache Tomcat Web server for ArcGIS Server for the Java Platform.

Procedure

This procedure assumes that ArcGIS Server for the Java Platform has been installed. See the Related Information section below for instructions.

  1. Download and install the Apache Tomcat Web server.
  2. Download and install Java Runtime Environment 6.
  3. Download and run the Windows Installer. The Installer asks for the location of the Java Runtime Environment installed in the previous step. Typically this is C:\Program Files\Java\jre6.
  4. Configure the Tomcat Web server to run on Port 80 and SSL on Port 443.
  5. Turn off, unistall, or otherwise disable Internet Information Services (IIS) and IIS SSL. Click Start > Run, type services.msc and click OK. In the Services console, right-click the World Wide Web Publishing and HTTP SSL services, and click Stop.
  6. Confirm that nothing is listening on ports 80 or 443. Click Start > Run, type cmd, and click OK. In the Command Prompt window, look for any 'LISTENING' entries on :http, :https, :80, or :443.
  7. Create an SSL certificate keystore on the Web server. In the Command Prompt window, navigate to the %JAVA_HOME% directory and run the following command: C:\Program Files\Java\jre6\bin\keytool -genkey -alias tomcat -keyalg RSA.
  8. Specify the following password: changeit.
  9. Edit the file C:\Program Files\Apache Software Foundation\Tomcat 6.0\conf\server.xml as follows:

    ▪ Edit the line <Connector port="8080" and replace it with: <Connector port="80"

    ▪ Find the line <Connector port="8443" and make the following settings: <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
    maxThreads="150" scheme="https" secure="true"
    clientAuth="false" sslProtocol="TLS" keystoreFile="C:\Documents and Settings\<YOUR USERNAME HERE>\.keystore"
    keystorePass="changeit" />

    ▪ Remove any surrounding comments (<!-- and -->)

    ▪ Save the server.xml file
  10. Restart the Apache Tomcat service:

    ▪ Click Start > Run. In the Run dialog box, enter services.msc, and click OK.

    ▪ In the Services console, right-click the Apache Tomcat 6 service, and click Restart.
  11. Test HTTPS on Apache Tomcat. Go to the URL: https://localhost/tomcat.gif. The Tomcat image should appear. Ignore any certificate errors.
  12. On the ArcGIS Server machine, export the Web Services Handler to the Apache Tomcat Web server. Log in to the Server Manager (http://localhost:8099/arcgismanager/main/main.jsf).
  13. In Manager, click the Services tab, click the Configure Services Handler, and click the Export tab.

    ▪ Under Export Web Services, select Web Service.

    ▪ Under WAR File Name, enter services.

    ▪ Under User name, enter arcgismanager.

    ▪ Under Password, enter the <password for arcgismanager>.

    ▪ Click Test Connection, and verify that the connection is successful.

    ▪ Scroll down and click the Export button.

    ▪ When prompted, save the services.war file (a specific location is not required).
  14. On the Web server, open the Tomcat Manager (http://localhost/manager/html user=admin password=admin).

    ▪ In WAR file to upload, browse to the services.war file saved in the previous step, click Open, and click Deploy.

    ▪ Test the Services Handler: http://localhost/services?wsdl / https://localhost/services?wsdl
  15. Export the REST handler from ArcGIS Server. In the Server Manager, click the Services tab, click the Configure Services Handler, and click the Export tab.

    ▪ Under Export Web Services, select Rest Service.

    ▪ Under WAR File Name, enter rest.

    ▪ Under Soap URL, enter https://localhost/services.

    ▪ Under User name, enter arcgismanager.

    ▪ Under Password, enter the <password for arcgismanager>.

    ▪ Click Test Connection, and verify that the connection is successful.

    ▪ Scroll down and click the Export button.

    ▪ When prompted, save the rest.war file (a specific location is not required).
  16. On the Web server, open Tomcat Manager.

    ▪ In WAR file to upload, browse to the rest.war file saved in the previous step, click Open, and click Deploy.

    ▪ Test the Services Handler: http://localhost/rest / https://localhost/rest.
  17. Create a Context Handler on Apache Tomcat for virtual directories:

    ▪ On the Web server create the following new file: C:\Program Files\Apache Software Foundation\Tomcat 6.0\conf\Catalina\localhost\arcgisserver.xml containing:


    <Context path="/arcgisserver" docBase="C:\arcgisserver" debug="0" privileged="true" /> 



    ▪ Restart the Apache Tomcat service: Click Start > Run, and in the Services console, right-click Apache Tomcat 6, and click Restart.
  18. Restart the Apache Tomcat service:

    ▪ Click Start > Run. In the Run dialog box, enter services.msc, and click OK.

    ▪ In the Services console, right-click the Apache Tomcat 6 service, and click Restart.
  19. Test the virtual directory: On the Arc GIS Server machine, drop any HTML or image file into the C:\arcgisserver folder, browse to http://localhost/<file.htm> or https://localhost/<file.htm>, and verify that the file displays.
  20. Configure Secure Services on ArcGIS Server:

    ▪ Log in to the ArcGIS Server Manager.

    ▪ Expand Services, and click Manage Services.

    ▪ In the Manage Services window, click the Edit folder properties button.

    ▪ In the Folder properties window, select the Web Encrypted check box, and click Save.
  21. Configure Secured Virtual Directories on ArcGIS Server.

    ▪ Log in to the ArcGIS Server Manager.

    ▪ Expand the GIS Server tab, and click Server Directories.
  22. In the Server Directories window, select each of the following items in the Show drop-down list box and under Virtual Directory, edit the host name, and click Save. (Click the pencil symbol to edit the directory names.)

    ▪ Select Output Directories, and edit the hostname for https://<hostname of current server>/arcgis/arcgisserver/arcgisoutput.

    ▪ Select Jobs Directories, and edit the hostname for https://<hostname of current server>/arcgis/arcgisserver/arcgisjobs.

    ▪ Select Cache Directories, and edit the hostname for https://<hostname of current server>/arcgis/arcgisserver/arcgiscache.
  23. Refresh each published service to reference the new configuration.

    ▪ Log in to the ArcGIS Server Manager.

    ▪ Expand Services, and click Manage Services.

    ▪ For each service listed, click the Edit pencil icon, and click the Parameters tab.

    ▪ In the Output Directory list box, select C:\arcgisserver\arcgisoutput.

    ▪ Click Save and Restart.

Related Information


Created: 3/1/2010
Last Modified: 12/8/2010

Article Rating: (1)
If you would like to post a comment, please login

Comments

By ebodin - 08/31/2012 10:34 AM

The article needs to be updated.

Will this work with ArcGIS Server for Java 10.1, and will it work on Solaris?

By arwoodside - 04/18/2012 4:13 PM

The article needs to be updated.

The instructions seem to be related to Windows rather than the Solaris platform.

Rating: