Forcing traffic to be sent over an encrypted connection
You can configure HCL Connections™ to force all traffic that passes between a Connections server and a user's web browser to be sent over an encrypted connection.
Before you begin
To edit configuration files, you must use the wsadmin client. See Starting the wsadmin client for details.
Procedure
-
Use the wsadmin client to access and check out the Connections configuration files.
- Enter the following
command:
LCConfigService.updateConfig("force.conf.comm.enabled", "true")
- After making changes, you must check the configuration files back in and you must do so during the same wsadmin session in which you checked them out for the changes to take effect. See Applying common configuration property changes for information about how to save and apply your changes.
- Optional: To secure session cookies, complete
the following steps:
- Log in to the WebSphere® Application Server Integrated Solutions Console of the server hosting your Connections applications as the administrator.
- Expand WebSphere application servers. , and then select
- Click the server hosting Connections from the list of server names.
- Click Session Management, and then click Enable cookies.
- Select the Restrict cookies to HTTPS sessions check box.
- Click Apply, and then click OK.
- Optional: To secure LTPA tokens, complete
the
following steps:
- From the WebSphere® Application Server Integrated Solutions Console, expand Security, and then click Global security.
- Expand Web and SIP security, and then click single sign-on (SSO).
- Select the Requires SSL check box.
- Click Apply, and then click OK.