Hi, I have tried to close down ports 8080 and 9990 in Identity Governance (non-vApp). When port 8080 is disabled, the IG app works fine on port 8443, but the ActiveMQ messages stop working between nodes of the cluster. - I have seen some advice in JBoss forums discussing adding certificates to all nodes and trusting between nodes. - Does anyone have a simpler solution? When port 9990 is disabled, the IG app works fine on port 9993, but the Windows service fails to stop the app. - I have seen some advice in JBoss forums discussing adding certificates to the jboss-cli.xml in a non-conventional format. - Does anyone have a simpler solution? Thanks, Ricky

Symantec IGA

View Only

Securing Identity Governance ports

Ricky Gloden posted Jan 24, 2022 01:59 PM

Hi,

I have tried to close down ports 8080 and 9990 in Identity Governance (non-vApp).
When port 8080 is disabled, the IG app works fine on port 8443, but the ActiveMQ messages stop working between nodes of the cluster.
- I have seen some advice in JBoss forums discussing adding certificates to all nodes and trusting between nodes.
- Does anyone have a simpler solution?

When port 9990 is disabled, the IG app works fine on port 9993, but the Windows service fails to stop the app.
- I have seen some advice in JBoss forums discussing adding certificates to the jboss-cli.xml in a non-conventional format.
- Does anyone have a simpler solution?

Thanks,
Ricky