HTTPS for QAD .NET UI Desktop Screen Display

QAD 2017 Enterprise Edition > User Guides > Security Administration > QAD .NET UI Security > HTTPS for QAD .NET UI Desktop Screen Display

In the QAD .NET UI, screens that display in Desktop mode are based on XML representations of Character UI screens. By default, the XML is posted to Tomcat with an HTTP request to the XMLReceiverServlet for use by the QAD .NET UI. However, instead of using HTTP, you can use HTTPS.

To set up HTTPS for QAD .NET UI Desktop screen display:

1 Enable the SSL Connector in Tomcat. See here.

2 To install the certificate file into Progress you need the certificate in the .pem or .cer format.

3 If you do not have this format then use Internet Explorer to export the certificate in the .cer format: Select Internet Options > Content > Certificates > Trusted Root Certification Authorities and then select your certificate. Select Export. Use Base-64 encoded X.509(.CER).

4 Take the certificate file and run the following Progress command.

If the certificate is in the .pem format, run:

$DLC/bin/mkhashfile <your certificate>.pem

If the certificate is in the .cer format, run:

$DLC/bin/mkhashfile <your certificate>.cer

5 Edit tomcat/webapps/<appname>/WEB-INF/conf/
connectionManagerConfig.xml. Go all the way to the bottom of the file then go up a few lines to the following element: <connectionSetupParameter>. Edit the “value” attribute to use “https” and use the secure Tomcat port.

6 Edit tomcat/conf/server.xml and find the <Host> element near the bottom. Add the following inside that <Host> element. This will provide logging to verify that the XMLReceiverServlet calls are coming through the https port.

<Valve className="org.apache.catalina.valves.AccessLogValve"

directory="logs"

prefix="requests_log."

suffix=".log"

pattern="port=%p urlpath=%U" />

7 Restart Tomcat.

8 To verify the HTTPS activity, look in the tomcat/logs directory for a log file that starts with requests_log and tail -f that log file. You should see requests going to the XMLReceiverServlet on the https port.

9 Once you have done the verification, edit tomcat/conf/server.xml and remove the Valve entry that you added in step 6. It was only for verification.

10 Restart Tomcat.