In this section:
SSL
All DTP REST APIs, as well as the API Documentation, communicate over SSL. An SSL port is configured in new DTP installations by default, but if you are migrating from Concerto (prior to version 4.9.4) you must configure the SSL manually. See Enabling SSL for instructions. If you are currently running Concerto 4.9.4, you should already have configured the SSL.
DTP Enterprise Pack Settings
DTP and DTP Enterprise Pack must use the same protocol (either HTTP or HTTPS). See Enabling SSL for additional information.
SSLv3 is deactivated in JRE 1.7.0_75
DTP version 5.1.3 and later ships with Java 1.8.0_102-b14. Since JRE 1.7.0_75, SSLv3 is deactivated by default for security reasons. Per Oracle’s release notes for JRE 1.7.0_75:
"Starting with JDK 7u75 release, the SSLv3 protocol (Secure Socket Layer) has been deactivated and is not available by default. See the
java.security.Security propertyjdk.tls.disabledAlgorithms
property in the<JRE_HOME>/lib/security/java.security file
."
SSLv3 contains a serious security vulnerability and should not be used. The protocol is obsolete across many platforms, including DTP.
If SSLv3 is required in your environment, you can reactivate the protocol by removing SSLv3 from the jdk.tls.disabledAlgorithms
property in the [DTP_HOME]/jre/lib/security/java.security
file. You can also dynamically set the Security
property to true
before JSSE is initialized.
Tomcat Server
DTP ships with and runs on Tomcat 9.0.33. You should only have one instance of Tomcat running on the same machine to avoid conflicts related to port configuration.
If multiple Tomcat configurations are necessary in your infrastructure, you can edit the [DTP_HOME]/tomcat/conf/server.xml
file to ensure that servers run on different ports. For example, you may run a Tomcat shutdown on port 8005, and another on port 18005.