Bug #40414 Installer for Monitor upgrade does not provide a way to enable SSL
Submitted: 30 Oct 2008 4:51 Modified: 11 Nov 2008 17:03
Reporter: Marcos Palacios
Status: Closed
Category:Monitoring: Install Severity:S3 (Non-critical)
Version:2.0.0.7087 OS:Any
Assigned to: BitRock Merlin Target Version:2.0 RC-02
Triage: Needs Triage: D3 (Medium)

[30 Oct 2008 4:51] Marcos Palacios 
Description:
The update installer for the 2.0 Monitor does not have an 'Is SSL support required?'
checkbox. Therefore, the conf/server.xml file, which includes the appropriate SSL
connector definition (see below), has the definition commented out. 

It would make for a better customer experience if the choice was given when upgrading the
monitor. Note: A similar argument could be made for the agent update installer.

    <!-- Define a SSL HTTP/1.1 Connector on port 18443 -->
    <!-- MERLIN CHANGE START -->
    <!--
    <Connector port="18443" 
	       protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" 
               keystoreFile="conf/myKeystore" 
               keystorePass="mysqlnetwork"/>
    -->
    <!-- MERLIN CHANGE STOP  -->

How to repeat:
1. Install monitor version 1.3.3.
2. Upgrade the monitor to version 2.0.0.7087.
3. Notice that the monitor upgrade installer does not ask about enabling SSL.
4. Review the conf/server.xml file and observe the SSL connector definition is commented
out.

Suggested fix:
1. Ask in the monitor update installer if SSL should be enabled.
2. Produce the SSL connector definition in conf/server.xml accordingly.
[6 Nov 2008 0:54] Andy Bang 
We should include a screen just like the "Tomcat Server Options" screen from the full
installer in the upgrade installer.  This screen should go after the "Backup of Previous
Installation" screen and before the "Ready to Install" screen in the upgrade installer. 
The 3 Tomcat port textfields should be pre-populated with the values the user entered in
the original install (i.e. the corresponding values in server.xml), and the "Is SSL
support required?" checkbox should default to "no" (i.e. unchecked).
[10 Nov 2008 13:43] BitRock Merlin 
Patch sent to Keith.
[10 Nov 2008 23:56] Keith Russell 
Patch appled in versions 2.0.0.7093.
[11 Nov 2008 0:45] Marcos Palacios 
Verified fixed in build 2.0.0.7093.
[11 Nov 2008 17:03] Tony Bedford 
An entry was added to the 2.0 changelog:

The update installer for the 2.0 Monitor did not have an Is SSL support required?
checkbox. Therefore, the appropriate SSL connector definition was commented out in the
conf/server.xml file.