Redirecting All HTTP Requests to HTTPS

Servigistics InService Deployment > Redirecting All HTTP Requests to HTTPS

You can set up the Servigistics InService web application server to use HTTP Secure (HTTPS), and respond to all HTTP requests with a redirect to the HTTPS site. HTTPS is the secure version of HTTP, the protocol over which data is sent between the browser and the website that you are connected to. It means all the communication between the browser and the website is encrypted. This helps securing the application by re-direction.

The following steps are applicable for Servigistics InService Offline solution as well.

Steps for Redirecting Traffic to HTTPS

Redirection helps to redirect all the URLs to HTTPS protocol under the *.PTC.com domain. Follow these steps to redirect all HTTP requests to HTTPS:

1. Stop the Core server, Core CMI server, and JBOSS services that are running.

2. Open the web.xml file located in the directory <INS_HOME>/InS_SW/SW/Applications/e3c.ear/TaskManager.war/WEB_INF.

3. Add the following security constraint in the web.xml file:

<security-constraint>
   <web-resource-collection>
       <web-resource-name>InService</web-resource-name>
       <url-pattern>/*</url-pattern>
</web-resource-collection>
   <user-data-constraint>
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

4. Modify the wt.properties file in the *\ptc\InService\InS_SW\SW\Applications\Windchill.ear\codebase.war folder for the following:

wt.webserver.port=8443
wt.webserver.protocol=https

This allows you to redirect to port 8443 as well.

5. For Offline system:

a. Update the property com.ptc.sc.data.updates.master.baseurl in the site.xml file on the Offline system with protocol using which The Offline system wants to communicate with the corresponding web system. For communicating over HTTPS protocol, update this file with the following entry:

com.ptc.sc.data.updates.master.baseurl=https\:
//<web_server_host>\:<web_server_port>

For example,

com.ptc.sc.data.updates.master.baseurl=https\:
//webHostName.domainName\:8443

b. In case of web system communicating over HTTPS protocol, the web system certificate must be imported to the Offline system. By default, Servigistics InService comes with self-signed certificates located in the <InS_HOME>\InS_SW\SW\System\WildFly\standalone\configuration\*.crt folder. PTC strongly recommends the use of CA certificates only. The CA or self-signed certificates must be imported to the Offline system using <InS_HOME>\InS_SW\SW\importCertificate.bat/sh file in case web system is configured on the HTTPS protocol. For example,

run importCertificate.sh <certificate_name_without_crt_extension>

Ensure that the required CA certificate (input to this script) is present in the <InS_HOME>\InS_SW\SW\System\WildFly\standalone\configuration folder.

6. Restart the coreServer, coreCMIserver, and JBoss services.