Configuring Campaign in SSL and Campaign Listener in non-SSL

If your setup has Campaign in SSL and the Campaign Listener in the non-SSL mode, you must configure settings for the applications to work seamlessly.

Before you begin

The Campaign web application must be configured in SSL by using the default certificates.

About this task

All configurations are applicable to the WebSphere Application Server for Campaign. Multiple steps are involved to configure the SSL and non-SSL setup. Each step might have more substeps to be completed.

Procedure

To configure Campaign in SSL and Campaign Listener in non-SSL, complete the following steps:
Complete the following steps.
Table 1. Configuring Campaign in SSL and Campaign Listener in non-SSL
# Step Substeps
1 Generate and use .pem (certificate) file. Run the following commands from and location and note the paths. Create new certificate file example campaign.pem (copy key.pem and certificate.pem content into this file separated by new line )
set OPENSSL_CONF=CAMPAIGN_HOME\bin\openssl.cnf
openssl genrsa -out key.pem 4096
openssl req -config openssl.cnf -new -key key.pem -out request.pem
openssl req -config openssl.cnf -x509 -key key.pem -in request.pem -days 1000 -out certificate.pem
The following files are generated at the location from where you ran the commands.
  • key.pem
  • request.pem
  • certificate.pem
  • campaign.pem
2 Import the campaign.pem file into the application server where the Campaign web application is deployed.
  1. Copy the campaign.pem file to the Campaign web application server.
  2. Add the campaign.pem file in the NodeDefaultTrustStore of the WebSphere Application Server by completing the following steps:
    1. Click Security > SSL Certificate and key management > Key stores and certificates.
    2. Click NodeDefaultTrustStore > Signer certificates.
    3. Click Add and provide the Alias and the path where the campaign.pem file is copied.
    4. Click OK.

The listener key is added to the application server.
3 Modify config.xml file on the listener server. Provide the following information:
  • configurationServerBaseURL: Provide the Campaign SSL URL.
  • unicaServerSSLFile: Provide the PATH_TO_OPENSSL_PEM/campaign.pem file path.
  • unicaServerSSLFilePwd: Provide the corresponding password file path.
<configuration name="bootstrap">
  <category name="bootstrap">
    <property name="suiteName"><value>Affinium</value></property>
    <property name="clientType"><value>HTTP</value></property>
    <!-- configurationServerBaseURL value will be set by AffiniumSuite assembly installer -->
    <property name="configurationServerBaseURL">
        <value>https://eagle191.hcl.com:9447/Campaign</value>
</property>
    <property name="trustedApplication"><value>false</value></property>
    <property name="unicaClientKeystore"><value></value></property>
    <property name="unicaClientKeystorePwd"><value></value></property>
    <property name="unicaServerSSLFile">
        <value>PATH_TO_OPENSSL_PEM/campaign.pem</value>
    </property>
    <property name="unicaServerSSLFilePwd">
       <value>
            password
       </value>
    </property>
  </category>
</configuration>
4 In the unicaACListener settings set useSSL to TRUE. -
5 Restart the Campaign Application Server and the Campaign Listener. -