This topic provides important recommendations that help you configure secure communications between the web browser and the web server and between the web server and the backend services.
Tomcat/Web browser
To secure the communication between the web browser and Tomcat, Automic strongly recommends using SSL.
For details on the SSL configurationUn ensemble de composants qui constituent un système. Ceci comprend des informations relatives à la manière dont les composants sont connectés, ainsi que les paramètres appliqués. please refer to the Apache Tomcat product documentation at:
https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html.
Plugins/Backend services
Likewise, if you are using plugins that implement SSL to establish a secure communication with the backend services, please make sure that Tomcat or the JVM you are using are configured to trust the certificates installed on the backend services.
For this purpose, Automic recommends using the certificates issued by a Certificate Authority that the JVM trusts by default.
If, however, you need to use self-signed certificates, you must configure Tomcat or your JVM to trust them. For this purpose you must add them:
For details on the truststore parameters, please refer to the product documentation of the Tomcat connector configuration at:
As of version 11.2, the ssl.properties configuration file is no longer supported. Therefore, if you upgrade from an earlier version in which you have used it to define a custom truststore, you cannot use it anymore. You must reconfigure your secure communications as described in this topic.