Cisco Support Tools 1.0 User Guide How to Configure the Dashboard Login for SSL 61
How to Configure the Dashboard Login for SSL
If desired, for extra security, you can configure the Support Tools Dashboard Login
page to use SSL. This ensures that user passwords are encrypted when they are sent
to the Support Tools Server.
Note the only the Login page will use SSL. Once logged into the application, all other
page requests are sent over HTTP.

To Configure the Dashboard Login for SSL

To configure the Dashboard Login page to use SSL:
1. Ensure that an appropriate server certificate is installed on your Support Tools
Server machine, and that Tomcat has been configured for SSL.
Instructions on how to configure Tomcat for SSL are available at:
http://jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html
2. In a text editor, open the web.xml file located at:
<support_tools_root>\UIServer\uiroot\WEB-INF\.
3. Locate the following closing tag: </web-app>.
4. Just before that tag, enter the following:
<security-constraint>
<web-resource-collection>
<web-resource-name>IServer</web-resource-name>
<description>
This pattern matches the url to the login page
</description>
<url-pattern>/default/serviceability/secure_login.jsp</url-
pattern>
</web-resource-collection>
<user-data-constraint>
<description>
All patterns matching the pattern above will use
confidential
data constraints, namely, all data will be encrypted over
SSL.
</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
5. Save the file.