RiskVision Report Server

Perform the following steps to configure SSL encryption. 

Database

Execute the following query to enable reportuser to access SSL encrypted database:

• GRANT USAGE ON agiliance.* TO 'reportuser'@'<HOST_NAME of Report server>' IDENTIFIED BY '<REPORT_USER Password>' REQUIRE SSL;
• FLUSH PRIVILEGES

RiskVision

1. Add the statements pointing to JKS files and keystore passwords in the agiliance.properties file.
2. Replace security jars under the security folder of jre\lib.
3. Restart RiskVision Job Manager, RiskVision Apache, and RiskVision Tomcat.

RiskVision Report Server

1. Add verify server certificate and use ssl properties to JDBC URL in <JASPER_HOME>\apache-tomcat\webapps\jasperserver-pro\WEB-INF\agiliance.properties file.

Example: database.mysql.url=jdbc:mysql://<DATABASE HOSTNAME>:3306/?verifyServerCertificate=true&useSSL=true&requireSSL=true&useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&autoReconnectForPools=true

2. Add the following statements pointing to JKS files and keystore passwords in the agiliance.properties file.

The <INSTALL_FOLDER> is where myKS.jks file is present. Make sure that you specify the complete path.

Example:
C:\sslStore\myKS.jks
database.mysql.useSSL=truedatabase.mysql.keystore=<INSTALL_FOLDER>/myKS.jks
database.mysql.keystoretype=JKS
 database.mysql.keystore.password.encrypted=encrypted password (See Creating an Encrypted Password)
database.mysql.truststore=<INSTALL_FOLDER>/myKS.jks
database.mysql.truststoretype=JKSc
database.mysql.truststore.password.encrypted=encrypted password

3. Replace security jars, local_policy.jar and US_export_policy.jar under the %JASPER_HOME%\-
   java\jre\lib\security folder.
4. Open any browser and access the jasper server by using the URL : http://<report server host name>:8480/jasperserverpro/login.html. The JasperReport Server Login page. 

5. Enter your User ID and Password, then click Login. The JasperReports Server Home page is displayed.The JasperReports Server Home page.

6. Click View > Repository.

7. Expand Public, then click Data Sources. The Data Source appears in the Repository pane.The Data Source in the Repository pane. 

8. Click the data source, then click Edit.  The Set Data Source Type and Properties page

9. Append "?verifyServerCertificate=true&RequireSSL=true&UseSSL=true" to JDBC URL.
10. To validate the settings, click Test Connection. Based on the validation results, either proceed to step 11 or step 12.

11. If the connection fails, verify the following steps:
    • Verify if the correct path for JKS file is specified.
    • Verify if you have executed the GRANT permissions with REQUIRED SSL.
    • Verify if the security jars have been replaced with the newly downloaded version.
12. Click Submit.
13. Restart the JasperpostgreSQL and JasperTomcat services:
    • Open the Services window.
    • Click the jasperreportsPostgreSQL service, then click Restart.
    • Click the jasperreportsTomcat service, then click Restart.