Appendix I- Configuring HTTPS Communication with Spectrum Spatial

This appendix describes how to configure SSA to use HTTPS communications whilst communicating with the backend Spectrum Spatial instance. A pre-requisite is that the Spectrum Platform must already have been configured to use HTTPS. If this has not yet been done please see the relevant sections in the Spectrum Spatial Guide on configuring HTTPS for Spectrum and the Map Uploader.

SSA can remain on HTTP if desired. If SSA is to be configured to also use HTTPS for end users browsing to the application then please see Appendix G.

By default Spectrum Spatial Analyst uses the HTTP channel for communication with Spectrum Spatial web services. You can configure Spectrum Spatial Analyst to use HTTPS if you want to secure the network communications between Analyst & Spectrum Spatial. The steps are given below:

Stop Spectrum Spatial Analyst services.
Open shared.properties file in <AnalystLocation>/customerconfigurations/global directory.
Ensure that all the URLs having Spectrum Spatial server host name starts with https.

You have to import the CA certificate into the Java trust store if Spectrum Spatial Server is using a Self-signed certificate.Spectrum Spatial Analyst uses the default Java trust store located in <JAVA_HOME%>/jre/lib/security/cacerts. You can use the Java keytool utility to import CA Certificate into the trust store as shown below:

keytool -importcert -alias CA -file cacert.der -keystore cacerts
Enter password for the cacerts. The default password is changeit
Verify the imported CA certificate by executing this command:
keytool -list -v -keystore cacerts

Now, restart the Spectrum Spatial Analyst services.