000019137 - Is it possible to protect RSA ACE/Server Quick Admin connections using JRun SSL instead of IIS SSL?

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019137
Applies ToRSA ACE/Server 5.2
RSA SecurID Web Express
Microsoft Internet Information Server (IIS)
Secure Socket Layer (SSL)
IssueIs it possible to protect RSA ACE/Server Quick Admin connections using JRun SSL instead of IIS SSL?
CauseIt is not possible to use a 3rd-party certificate if JRun has RSA SecurID Web Express or RSA ACE/Server Quick Admin application installed. JRun attempts to use this certificate to connect to sdcommd (web admin daemon) on the RSA server. Sdcommd service disconnects JRun server with SSL System error. Error can be viewed in Windows Application log when verbose mode is enabled for sdcommd.
ResolutionEnabling JRun on an internal web server creates a "back door" connection to RSA ACE/Server Quick Admin pages through port 8100, and must be turned off. The external web server must be disabled using the Connection Wizard. Protect Quick Admin web page on external web server with SSL.
Legacy Article IDa20449