Bug #40414 Installer for Monitor upgrade does not provide a way to enable SSL
Submitted: 30 Oct 2008 3:51 Modified: 11 Nov 2008 16:03
Reporter: Marcos Palacios Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Enterprise Monitor: Installing Severity:S3 (Non-critical)
Version:2.0.0.7087 OS:Any
Assigned to: BitRock Merlin CPU Architecture:Any

[30 Oct 2008 3:51] Marcos Palacios 
Description:
The update installer for the 2.0 Monitor does not have an 'Is SSL support required?' checkbox. Therefore, the conf/server.xml file, which includes the appropriate SSL connector definition (see below), has the definition commented out. 

It would make for a better customer experience if the choice was given when upgrading the monitor. Note: A similar argument could be made for the agent update installer.

    <!-- Define a SSL HTTP/1.1 Connector on port 18443 -->
    <!-- MERLIN CHANGE START -->
    <!--
    <Connector port="18443" 
	       protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" 
               keystoreFile="conf/myKeystore" 
               keystorePass="mysqlnetwork"/>
    -->
    <!-- MERLIN CHANGE STOP  -->

How to repeat:
1. Install monitor version 1.3.3.
2. Upgrade the monitor to version 2.0.0.7087.
3. Notice that the monitor upgrade installer does not ask about enabling SSL.
4. Review the conf/server.xml file and observe the SSL connector definition is commented out.

Suggested fix:
1. Ask in the monitor update installer if SSL should be enabled.
2. Produce the SSL connector definition in conf/server.xml accordingly.
[5 Nov 2008 23:54] Andy Bang 
We should include a screen just like the "Tomcat Server Options" screen from the full installer in the upgrade installer.  This screen should go after the "Backup of Previous Installation" screen and before the "Ready to Install" screen in the upgrade installer.  The 3 Tomcat port textfields should be pre-populated with the values the user entered in the original install (i.e. the corresponding values in server.xml), and the "Is SSL support required?" checkbox should default to "no" (i.e. unchecked).
[10 Nov 2008 12:43] BitRock Merlin 
Patch sent to Keith.
[10 Nov 2008 22:56] Keith Russell 
Patch appled in versions 2.0.0.7093.
[10 Nov 2008 23:45] Marcos Palacios 
Verified fixed in build 2.0.0.7093.
[11 Nov 2008 16:03] Tony Bedford 
An entry was added to the 2.0 changelog:

The update installer for the 2.0 Monitor did not have an Is SSL support required? checkbox. Therefore, the appropriate SSL connector definition was commented out in the conf/server.xml file.