Modifying the configuration settings of the HTTP/TCP proxy

You can modify the registration.xml file of the HTTP/TCP proxy to change the server address, log level, and other settings.

About this task

The registration.xml file in <Rational Integration Tester Platform Pack installation directory>\httptcp contains configuration settings for the HTTP/TCP proxy.

Note: The HTTP/TCP proxy is installed with default port settings for HTTP and TCP proxying.

Note: If you are using IBM® Rational® Integration Tester Platform Pack 8.0.0.2 or later, the HTTP/TCP proxy’s HTTPS functionality supports mutual authentication of any connections between the proxy and any intended target servers. That is, if a server is configured to authenticate any clients that are connecting to it, the server requires HTTP/TCP proxy to present a client certificate to the server for authentication. The keystore that contains this certificate is specified in outboundKeyStoreFile.

Note: If you are using Rational Integration Tester Platform Pack 8.0.0.2 or later, the HTTP/TCP proxy also supports inbound plain text communications from clients and secure onward connections. Although this configuration is unusual, it enables the HTTP/TCP proxy to be used to convert between a client that can use only plaintext (HTTP) communication and a server that accepts only secured (HTTPS) communication. If this functionality is required, the client must be set to use the plainCommsPort port on the HTTP/TCP proxy, which is configurable.

Procedure

Use a text editor to open the registration.xml file.

Edit the configuration settings as shown in the following tables for HTTP, HTTPS, and TCP (use the table that is most relevant to your requirements):

Table 1. HTTP/TCP proxy, HTTP configuration settings
Configurable setting	Description
`server base-url="http://<Host name or IP address selected during installation of Rational Test Control Panel>:7819/RTCP/"`	By default, an IBM Rational Test Control Panel installation listens for proxy registration on port `7819`. If your Rational Test Control Panel installation is using a different port number, enter the number in this field. (This port number can also be configured when you are using IBM Installation Manager to install Rational Integration Tester Platform Pack.)
`logger level`	Options are as follows: debug error info warning
`identifier name` Note: This setting is available only in Rational Integration Tester Platform Pack 8.6.0 or later.	This setting enables you to specify a name for this proxy. This makes it easier to identify a specific proxy when there are two or more proxies of the same type registered with Rational Test Control Panel. Note: By default, this setting is commented out. Therefore, to use this setting, you must first uncomment it and then edit the identifier name. Note: Only Rational Test Control Panel 8.6.0 or later can display identifier names of proxies (and agents).
`http-proxy port`	`3128` is the default port number where the HTTP/TCP proxy listens for HTTP traffic and any client applications that communicate with the proxy also need to be set to the same port. If this port number is already in use on the computer where the proxy is being installed, you must enter a different port number. Otherwise, changing the default port number is optional.
`bind-address`	This setting is optional for multihomed computers with more than one IP address. Default setting: Blank (meaning "all").
`domains`	Ordinarily, there is no need to edit the `domain` and `environment` tags. However, if Rational Test Control Panel is used to set up specific business domains and environments: Set the `name` attribute of the `domain` tag to the domain name in the IBM Rational Integration Tester project that is being used to record HTTP traffic. Set the `name` attribute of the `environment` tag to the name of the environment that is selected in the Rational Integration Tester project for recording HTTP traffic.
`statistics http-initial-state` Note: This setting is available only in Rational Integration Tester Platform Pack 8.6.0 or later.	Setting the initial state to `on` will set the Observation level for this intercept in Rational Test Control Panel 8.6.0 or later to Statistics when the intercept first registers with Rational Test Control Panel. Setting the initial state to `off` will set the Observation level for this intercept in Rational Test Control Panel 8.6.0 or later to None when the intercept first registers with Rational Test Control Panel.
`observed-resources` Note: This setting is available only in Rational Integration Tester Platform Pack 8.6.0 or later.	This setting enables you to specify which file extensions are used by the HTTP/TCP proxy when analyzing observed URLs to determine which resources in its traffic can be ignored when collecting observation data. You can use one or more regular expressions to configure the `exclude extension` settings. If URLs do not contain file extensions they are included in the observed resources. Note: If URLs do not contain any file extensions specified, they are included in the observed resources.

Table 2. HTTP/TCP proxy, HTTPS configuration settings
Configurable setting	Description
`server base-url="http://<Host name or IP address selected during installation of Rational Test Control Panel>:7819/RTCP/"`	(Refer to Table 1.)
`logger level`	(Refer to Table 1.)
`https-proxy port`	`3129` is the default port number where the HTTP/TCP proxy listens for HTTPS traffic and any client applications that communicate with the proxy also needs to be set to the same port. If this port number is already in use on the computer where the proxy is being installed, you must enter a different port number. Otherwise, changing the default port number is optional.
`bind-address`	(Refer to previous table.)
`serverProtocol`	The protocol that the secure server socket uses. Default value: `SSL_TLS, TLS`.
`keyStoreFile`	The value of the `keyStoreFile` attribute is set to `greenhat.jks`, which is included with the HTTP/TCP proxy. Ordinarily, it is not necessary to specify and use a different Java™ keystore (JKS). However, it can be necessary to specify and use a different JKS if you want to use your own generated certificate that is already trusted by the client applications or if a specific certificate in the specified JKS was created incorrectly.
`keyStoreType`	It can be necessary to specify and use a different keystore file type if you want to use a keystore file other than `greenhat.jks`. Default value: `jks`.
`keyStoreAlias`	Each certificate in a JKS is associated with a unique alias. If the JKS `greenhat.jks` is used, the default value of the `keyStoreAlias` attribute is `mykey`. However, if a different JKS needs to be used, a different alias needs to be specified.
`keyStorePassword`	A JKS protects private keys with a password. The default keystore password for Trusted Client Certificates is `passphrase`.
`signingAlgorithm`	The algorithm that is used when signing certificates. Default value: `SHA1withRSA`.
`plainCommsPort`	The port that is used to handle plain text to SSL communications. Default value: `3130`.
`clientProtocol`	The protocol that the onward secure connection uses. Default value: `SSL_TLS, TLS`. The specified default options are checked for availability. SSL_TLS protocol is supported by the IBM JRE and if unavailable TLS protocol is used.
`outboundKeyStoreFile`	The file that contains public and private keys that are used by the proxy to identify itself during mutual authentication. Default value: `greenhat.jks`.
`outboundKeyStorePassword`	The password that is required to access the keystore that is used during mutual authentication. The default keystore password for Trusted Client Certificates is `passphrase`.
`domains`	(Refer to Table 1.)

Table 3. HTTP/TCP proxy, TCP configuration settings
Configurable setting	Description
`server base-url="http://<Host name or IP address selected during installation of Rational Test Control Panel>:7819/RTCP/"`	(Refer to Table 1.)
`logger level`	(Refer to Table 1.)
`forward bind`	Each base/default route is specified in a forward element and you can configure as many as you need. `bind` refers to the HTTP/TCP proxy’s listening port forwarder and optional bind address. Port numbers `2000` and `2001` are example port numbers where a HTTP/TCP proxy listens for TCP traffic. If `2000` or `2001` is already in use, you must enter a different port number. A port number for a bind address can be any number in the range 0-65535. Note: If you are using Linux/UNIX, you need to be logged in as user `root` to bind to port numbers less than 1024.
`destination`	`destination` refers to the base destination address, that is, the intended destination of TCP traffic from a source if there are no routing rules. Port numbers `3000` and `3001` are example TCP port numbers where the target application is listening for TCP traffic from a client application. A port number for a destination address can be any number in the range 0-65535. Note: If you are using Linux/UNIX, you need to be logged in as user `root` to bind to port numbers less than 1024.
`type`	The optional `type` attribute can be used to enable more protocol-specific features, such as content-based routing. The following are possible values for `type`: `fix` (Financial Information eXchange transport traffic) `ims`, `imss` or `imsconnect` (IBM Information Management System (IMS™) Connect transport traffic) `ipic` (CICS® IP interconnectivity) `tcp` (TCP connection) `http` (HTTP connection) `mqtt` (MQ telemetry transport connection) `tcps` (TCP connection with SSL/TLS) `https` (HTTP connection with SSL/TLS) `ipics` (CICS IP interconnectivity with SSL/TLS) `mqtts` (MQ telemetry transport connection with SSL/TLS) Note: The default value is `tcp`. Both `ims` and `imsconnect` are supported only by Rational Integration Tester 8.5.1.1 or later. If you want to virtualize IMS Connect traffic, you must use the TCP proxy. TCP transport used for recording must be configured for the destination of the forward and not the bind. So, you can avoid providing the value `tcp` for `type`. The values of `ipic`, `ipics`, `mqtt`, and `mqtts` are supported only by Rational Integration Tester 8.6.0 or later. Any other value will be ignored, causing all TCP traffic to be forwarded as raw TCP data. .
`domains`	(Refer to Table 1.)
`statistics tcp-initial-state` Note: This setting is available only in Rational Integration Tester Platform Pack 8.6.0 or later.	Setting the initial state to `on` will set the Observation level for this intercept in Rational Test Control Panel 8.6.0 or later to Statistics when the intercept first registers with Rational Test Control Panel. Setting the initial state to `off` will set the Observation level for this intercept in Rational Test Control Panel 8.6.0 or later to None when the intercept first registers with Rational Test Control Panel.

Save and close the file.

Results

If you selected the Install Service and Start on Boot options for the HTTP/TCP proxy while installing Rational Integration Tester Platform Pack (by default, those settings are selected in Installation Manager), you must restart the proxy.

For example, if you are using Microsoft Windows, open the Services applet in Control Panel and restart the IBM RIT HTTP Proxy Windows service.

Note: You might also need to make configuration changes to each stand-alone application and hosted application that is communicating with the HTTP/TCP proxy by means of HTTP(S) traffic. For more information about this, see the related links below.

Feedback