Manage your default ports and HTTP protocols

The Deployment Monitoring Console (DMC) allows you to manage and modify your default ports to meet your workplace protocols whenever you want.

Uses

Users typically manage and modify default ports when they work in an environment with IT policies that determine how traffic is handled on internal networks, and the default port setup needs to be modified to meet those needs. Users can also modify their ports when they want to have the Datical web server listen to specific ports.

Manage and modify your default ports

To manage and modify your existing ports:

  1. Open cluster.properties under <install_dir>/config/.
  2. Add datical.server.proxy.enabled=false.

Add the following settings to the /opt/datical/datical-service/config/application.properties file:

  1. datical.server.https.port=2445.
  2. datical.server.https.externalPort=2445.
  3. datical.server.http.port=4455.
  4. datical.server.http.externalPort=4455.

Note: Ports 2445 and 4455 can be any unused port number on the DMC host. The maximum port number is 65535.

  1. Restart datical-proxy using command sudo service datical-proxy restart.
  2. Restart datical-service using command sudo service datical-service restart.
  3. Navigate to https://host_name:2445.

Enable the HTTP Protocol

By default, the DMC supports the HTTPS protocol. Currently, If you navigate to the HTTP protocol, it will redirect to HTTPS.

To change the default to support HTTP in addition to HTTPS, complete the following steps:

  1. Create application.properties files under ,<INSTALL_DIR>/datical-service/config/
  2. Add the following property: datical.server.https.required=false to the file.

    Example: sudo echo "datical.server.https.required=false" > /opt/datical/datical-service/config/application.properties

  3. Restart the datical-proxy using the following command: sudo service datical-proxy restart.
  4. Next, restart the datical-service using the following command: sudo service datical-service restart.
  5. Open the DMC UI using HTTPS in the url and log in.
  6. Log out of the DMC UI.
  7. Open the DMC UI using HTTP in the url and log in.
  8. Log out of the DMC UI.
  9. Check datical-service with http://host_name.

Note: HTTP is an unsecured protocol. HTTPS is recommended.

DMC behind a Load Balancer

The DMC can be placed behind a load balancer. To configure the load balancer complete the following steps:

  1. Create a listener on the load balancer for either HTTPS(443) or HTTP(80)
  2. Set the target for the load balancer to be the hostname or IP of the DMC on the same corresponding port.

Enable HTTP Options for DMC

You can use the HTTP OPTIONS method to administer DMC and initiate a client-server connection. However, as a security precaution, the HTTP OPTIONS method is disabled for DMC by default. If your internal monitoring software or other tools rely on the DMC HTTP OPTIONS method to work with your internal systems, and you need to enable HTTP OPTIONS, follow these steps:

  1. On your DMC server, open or create the file: <DATICAL_SERVICE_INSTALL_FOLDER>/datical-service/config/application.properties.
  2. Add the setting to enable the HTTP OPTIONS method: datical.options-request-disabled=false and save your changes.
  3. Restart datical-proxy using the following command:
    4. sudo service datical-proxy restart
  4. Restart datical-service using the following command:
    5. sudo service datical-service restart
  5. Check datical-service with http://host_name.

Obtain and Import a Certificate Signed by a Certificate Authority

This section covers how to use a certificate signed by a Certificate Authority to secure data transmitted between the server and the browser, which is a two step process as follows:

Step 1: Submitting a Certificate Signing Request to the Certificate Authority

To generate a certificate signing request:

  1. Start a terminal session on the server where DMC is installed
  2. Run the following command:
    3. datical-control https generate-signing-request --output <path/to/file.csr>
# Example:
datical-control https generate-signing-request --output /tmp/certificate.csr
  1. Copy the certificate.csr file to a system with internet access (if necessary)
  2. Upload the CSR to the Certificate Authority used by your organization

The Certificate Authority will confirm the identity of your organization and the authenticity of your request. Once that process completes, you will be able to download a new certificate specific to your DMC server.

Step 2: Importing the Certificate into the DMC Installation

Once the Certificate Authority issues the certificate based on your certificate request, follow the steps below to import that certificate into your DMC installation:

  1. Download Signed Certificate in .pem or .p7b format
  2. Copy the Signed Certificate to the server where DMC is installed
  3. Start a terminal session on the server where DMC is installed
  4. Import the Signed Certificate. Run the following command:
    5. datical-control https import-certificate --certificate <path/to/file.p7b>
# Example:
datical-control https import-certificate --certificate /tmp/certificate.p7b

Related links