Setting Parameters for SSL Termination

  1. Select the Configuration tab, and then click the Customization sub-tab.

  2. From the Select a Topic drop-down list, select SSL Termination.

    If you set the SSL Termination option to Enabled, the following parameters appear:

    Note: This enables the handling of SSL termination by allowing access using HTTP as well as HTTPS. It also specifies if this server is working with an SSL termination device in front.
  3. Next to Accept header certificate information for HTTPS connections, select Enabled or Disabled.

  4. For the Certificate information type option, in the drop-down list select SubjectString or Base64Cert.

    This specifies what kind of information is included in the HTTP header: either a subject string directly or a certificate image. The format of the data passed by the SSL termination device to supply certificate information depends on the vendors. The possibilities include a full certificate image or the subject DN.

  5. In the HTTP Header attribute used to supply the certificate information field, enter the name of the custom HTTP header that contains information about the client certificate used to connect to the SSL termination device. For example, https-frontend-subject.

  6. In the Host used for client card synchronization field, enter the host name of the Apache Tomcat server.

    Note: In case of a configuration error or name resolution issue, configuration can still be changed by connecting to the Operator Portal directly from the ActivID CMS Server. (SSL Termination is bypassed in this case).
  7. In the Port used for client card synchronization field, enter the port of the Apache Tomcat server (for example, 8080).

  8. Click Set.