New Xton Documentation Center
Xton help has moved. Please visit the current version of this page for the most recent updates. Our new documentation center can be found at help.xtontech.com.
Update XTAM from IP-based to Named URL Access
If you current XTAM is accessible from an IP-based URL and you want to switch this to a Named-based URL, then the following guide walks you through the required steps.
In this guide we will use the IP of 10.1.2.3 as our example, the Name as xtam.company.com and port 443. You should use your specific values in place of our example. Therefore we will be switching from https://10.1.2.3/xtam to https://xtam.company.com/xtam
Create a DNS record A for xtam.company.com with the value 10.1.2.3.
Obtain a SSL certificate (in .pfx or .jks format) for the host name xtam.company.com, one that all browsers in your company will trust. Replace your old SSL certificate, which will no longer be trusted because it lacks the host xtam.company.com in its subject, with your new SSL certificate. Use the steps in this article to replace your SSL certificate in XTAM.
Change XTAM’s configuration to accept the host xtam.company.com instead of the IP address. This is done by opening the file $XTAM_HOME/web/conf/catalina.properties and changing the following properties. If they do not currently exist, search the file, then add them manually as shown below. Save and close the file when complete.
cas.managed.path=https://xtam.company.com cas.server.name=https://xtam.company.com cas.server.prefix=https://xtam.company.com/cas cas.view.defaultRedirectUrl=https://xtam.company.com/xtam/
The above configuration assumes you are accessing XTAM using port 443. If you are using a different port like 6443 or another, then be sure to add the port number to all the paths like this example https://xtam.company.com:6443
(Optional) If you are currently accessing XTAM using port 6443 and wish to switch to another port, like 443, then complete this step. If you do not wish to change the port or have already done so previously, you skip this step. Open the file $XTAM_HOME/web/conf/server.xml in a text editor. Search this document for your current port number (i.e. 6443) and replace it with your new port number (i.e. 443). There will be two places in this xml file that will need to be updated.
Import your new SSL certificate into the XTAM keystore. There are several ways to do this, please choose the one that works best for you.
If you are already on the latest version of XTAM (or more recent than May 1, 2020), then perform the procedure above and restart the PamManagement (Windows) or pammanager (Linux) service. After the restart, wait about 5 minutes and then restart the same service one more time. XTAM will import the new certificate during the first restart and will use it after the second restart.
If you are on a version of XTAM between January 1, 2020 and May 1, 2020, then perform the procedure above and restart the PamManagement (Windows) or pammanager (Linux) service. After the restart, wait about 5 minutes and then execute the following command from $XTAM_HOME (you will need Administrator or sudo permissions)
For Windows:
bin\PamDirectory.cmd SSLImport xtam.company.com 443
For Linux:
bin/PamDirectory.sh SSLImport xtam.company.com 443
If the command returns any trust errors, follow the prompts to import all certificates into the XTAM store, one by one. Afterwards, run the same command again to confirm that no trust errors remain.
For all versions of XTAM, you can use the PamKeyTool.cmd command to import your SSL certificate. This procedure is described in this article.
Finally, your XTAM instance will now be accessible from your new named URL. Open your login page (https://xtam.company.com/xtam) and confirm it is working as expected.