All RTView processes (Data Server, Historian, Display Server) open JMX ports for monitoring which, by default, are not secured. The Security tab allows you secure these ports as well as specify credentials needed to connect to SSL secured servers from RTView's Solution Packages.

SSL Credentials

This region allows you to specify the path to the Truststore and Keystore files (and their associated passwords) that contain the SSL credentials needed to secure the RTView JMX Ports and/or access any SSL secured servers associated with RTView’s Solution Packages. This is required if the Secure with SSL option is enabled (see below for details).

Securing RTView JMX Ports

This region provides a couple of options for securing the JMX ports that are opened by the RTView processes: Secure with SSL and/or Secure with Username and Password.

Secure with SSL

When toggled on, this option secures the JMX ports for the RTView processes with SSL. When the JMX ports are SSL secured, an SSL handshake is performed between the client and the server when the client attempts to connect. For this handshake, the client must provide a certificate the server trusts, and the server must provide a certificate the client trusts. A Keystore file contains the application's certificate and private key and a Truststore file contains the application's trusted certificates. These files are created by running the Java keytool on the command line. When this option is enabled, you must specify the path to the server's Truststore and Keystore files (and their associated passwords) in the SSL Credentials region (see above).

The start_server, stop_server, and status_server scripts are all connected to the JMX Ports of the RTView processes to execute operations and get status. If the JMX ports have been secured with SSL, these scripts need the path and passwords for the truststore and keystore files containing the client credentials in order to connect. You can either pass these in on the command line each time you run (-sslkeystore:clientkeystore.jks -sslkeystorepass:clientkeystorepass -ssltruststore:clienttruststore.jks -ssltruststorepass:clienttruststorepass) or you can fill in the fields under SSL Credentials for RTView Scripts.

The RTView Manager application also connects to the JMX Ports of the RTVeiw processes in order to monitor them. If you are using the RTView Manager and the JMX ports have been secured with SSL, you must fill in the SSL Credentials on the Security tab of the RTView Manager Configuration Application to specify the path the truststore and keystore files containing the client credentials.

Secure with Username and Password

This region allows you to secure the JMX ports for RTView processes, which would then require using a specific username/password to gain access. If this option is enabled, you must specify the path to the password file containing all valid user names and passwords.

The start_server, stop_server, and status_server scripts are all connected to the JMX Ports of the RTView processes to execute operations and get status. If the JMX ports have been secured with a username and password, the scripts need a valid user name and password in order to connect. You can either pass these into the command line each time you run (-jmxuser:userName -jmxpass:myPassword) or you can fill in the Username and Password Credentials and enable the Use for Scripts toggle.

The RTView Manager application also connects to the JMX Ports of the RTVeiw processes in order to monitor them. If you are using the RTView Manager in RTViewCentral and the JMX ports have been secured with username and password, you must fill in the Username and Password Credentials that the RTView Manager should use to connect. If you are using the RTView Manager in a deliverable other than RTViewCentral, you will need to fill in the user name and password in the connection to this RTViewDataServer in the RTView Manager Configuration Application.

Open

The Security tab has the following fields: