Idea Details

SSL Setup Utility and/or Better Documentation

Last activity 10-18-2019 03:49 PM
Christopher Walsh's profile image
08-14-2013 03:34 PM

Requesting that for all of the 'Netqos' data sources like NFA, ADA, UCM, CAPC have both better documentation on how to setup SSL on each individual data source.  The documentation is good for CAPC but it is lacking for NFA, ADA, and UCM and the procedure is not intutive.

 

Also it would useful if there was as simple utility to setup SSL, which guides the user through either creating a self signed certificate or importing a 3rd party signed certificate.  Ideally this would prevent the user from having to edit multiple configuration files and run mutliple keytool commands which are prone to error.  This would save lots of time on support issues and guesswork.


Comments

03-08-2018 10:41 AM

Check out the recording when posted of today's CA PM end of sprint demo - Jason demonstrated nice progress with this

06-26-2017 04:45 AM

Dan_Holmes - Hi Dan a easy to use SSO utility across the products with better interface to configure ssl would add a lot of value to the product.

02-17-2017 10:38 AM

The CA Performance Management (CAPM) team is investigating ways to help users / installing admins with their implementation of SSL both during green-field installation and during upgrades. Timeline TBD.  -Margaret (Product Management)

09-11-2015 08:52 AM

Hey CA here's a thought.  Make everyone of your products that have a web client https by default.  I just installed our new Cisco Prime to manage our wireless network and by default the web interface is https . Same with our Cisco TACACS servers.  Nothing to configure, nothing to think about, nothing to worry about every time I upgrade.

08-12-2015 10:26 AM

FYI the steps to correct the SSL Setup after upgrade is documented below:

http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec1430439.aspx?intcmp=searchresultclick&resultnum=2

 

We have already passed the feedback back to development that this is causing issues for our customers as well.

08-12-2015 04:16 AM

Hi,

Each time i upgrade  ADA, NFA, CAPC   i got problem with SSL definitions  lost .

I cannot open a ticket each time ,  I spend enough  time each time to all   customize again .

And  it is difficult   because   developers change  the path of jetty,  release n-2  path was jetty ,  release n-1  path was jetty-7.2.0   ;  actual release   path is again jetty ,  so all   keytool command   have to be modified .

I think    SSL  environment are not  taken seriously into consideration  by developers

 

Have  a stand alone documentation  in PDF   is    not as good as    online documentation on product    with a CONTEXT help

regards

08-12-2015 04:15 AM

Hi,

Each time i upgrade  ADA, NFA, CAPC   i got problem with SSL   definitions  lost .

I cannot open a ticket each time ,  I spend enough  time each time to all   customize again .

And  it is difficult   because   developers change  the path of jetty,  release n-2  path was jetty ,  release n-1  path was jetty-7.2.0   ;  actual release   path   is again jetty ,  so all   keytool command   have to be modified .

I think    SSL  environment are not  taken seriously into consideration  by developers

Regards

 

Yannick Jarno

Direction Expertise & service Infrastructure.

Expert Réseau

Tél.: 05 61 61 31 59

INFORMATIQUE

BANQUE POPULAIRE

56, route de Lavaur BP6

31131 BALMA CEDEX

 

De : sigju01

Envoyé : mardi 11 août 2015 16:56

À : JARNO Yannick (i-BP)

Objet : Re:  - SSL Setup Utility and/or Better Documentation

 

CA Communities <https://communities.ca.com/?et=watches.email.idea_comment>

 

 

SSL Setup Utility and/or Better Documentation

new comment by Justin Signa<https://communities.ca.com/people/sigju01> View all comments on this idea<https://communities.ca.com/ideas/103003647#comment-233917330>

08-11-2015 10:55 AM

Please open a support ticket on that.  This is because the SSO tool was upgraded so the Jetty Keystore and configuration files have been overwritten.

08-10-2015 09:08 AM

I have just upgraded   to  NFA   9.3.2    and one time more   I lost   the whole SSL configuration !

12-19-2014 10:12 AM

So, how about the request be: "Make a checkbox in CAPC that turns on SSL for CAPC and all data sources"

 

Maybe a radio button that defaults to http, but lets you choose https, or both.

12-16-2014 11:47 AM

I totally agree.  Right now I would not touch the current documentation with a ten foot pole regarding configuring SSL for CA products and I need to have SSL on my CA products

12-16-2014 11:43 AM

This idea should be applied for ALL the CA products.  They all have some nuances that make them just different enough to make configuring/maintaining/upgrading the SSL setup very annoying.  It would be nice to have a single document to reference for _all_ SSL configurations and dependencies across products.

 

It would REALLY be nice if there was an actual single SSL solution for all the products that just plugged in.  In lieu of that, the simple utility suggested in this idea would be most useful.

12-16-2014 11:11 AM

I completely agree with that

11-10-2014 04:54 AM

Please add also SSL support for the RIB interface (used for transfering data from UCM / NFA to Performance Center).

At this moment this is not documented (and not supported?). We need total HTTPS support for Performance Center + Datasources + UCM + NFA  (+ADA)!

(also the PDF converter used in NFA / UCM should work when HTTPS is enabled, see ideation: https://communities.ca.com/ideas/235716173 )

07-29-2014 10:57 PM

PM Comments: I agree and will add this to the product backlogs for each of the NetQoS solutions.  There is no estimated time frame or release at this time.

11-07-2013 01:51 PM

Additionally, the manual SSL configuration is overwritten when you install an upgrade!! The configuration should be preserved when upgrading the product.

Idealy, the configuration files that contain the customizations could be stored in sa seprate "custom" direcory for easy backup of the settings