MicroStrategy ONE

Enable HTTPS Connection Between the Refine Server and Web Server for Data Wrangling

For ASP and IIS server, the default connection between the Refine Server and Web Server is HTTP. Thus, you must complete the following steps to manually enable HTTPS connection.

For JSP and Tomcat server, MicroStrategy provides an out-of-the-box keystore and the default connection is HTTPS.

You can enable HTTPS connection between the Refine Server and Web Server to ensure secure data wrangling service.

  1. Prepare the self-assigned certificate
  2. Enable Refine Server HTTPS connection
  3. Enable Data Warehouse HTTPS connection on the Web Server

If you run into issues, please refer to the Troubleshooting section.

Prepare the Self-Assigned Certificate

To establish HTTPS connection for Web Server and Refine Server, you must have two keystores prepared. One is the Refine Server keystore, which is used for TLS encryption. The other is the Web Server client trust store, which is used for validating the server certificate. There are multiple ways to generate a self-assigned certificate, such as JDK keytool, OpenSSL. and XCA. For more information, see Self-Signed Certificates.

Enable Refine Server HTTPS Connection

  1. Find the openrefine installation path. For example, C:\Program Files (x86)\MicroStrategy\Intelligence Server\openrefine.
  2. In the webapp folder, create a new folder and put the server keystore file in this folder.

  3. Open Registry Editor.
  4. On Windows, locate Refine Server at [Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MicroStrategy\Refine Server]. If the Refine Server does not exist, then create one.

    On Linux, edit the MSIReg.reg file.

  5. Create the following string values in your file:

    • enableHttps: If this name exists, Refine Server will start an additional port for HTTPS connection.
    • https_port: The default port number for HTTPS connection.
    • port: The default port number for HTTP connection.
    • keystorePath: The path of the server keystore placed in Step 1.
    • keystorePassword: The password for the server keystore.

  6. Restart the Intelligence Server.

Enable Data Warehouse HTTPS Connection on Web Server

  1. Go to the extracted MicroStrategy.war file and locate the WEB-INF folder.
  2. Create a folder named keystore and put the client TrustStore file (created in Prepare the Self-Assigned Certificate) in this folder.

  3. Edit the microstrategy.xml file in the WEB-INF folder.

    1. Locate the parameter tags with the names refineSSLTruststore and refineSSLTruststorePwd.
    2. Remove the comments around the parameter tags mentioned above to make them valid. Ensure the keystore password is correct.

    3. Restart Tomcat.

Troubleshooting

Enable the Intelligence Server Refine Process Log

  1. Go to [Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MicroStrategy\Diagnostics\Log2\RefineProcess\error] and [Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MicroStrategy\Diagnostics\Log2\RefineProcess\info]. If it does not exist, then create one.
  2. Create a string value and name it the file name of your log file. For example, https.
  3. Create a log file with the name you edited in the register. For example, https.log.
  4. Put the log file under the Intelligence Server installation path, C:\Program Files (x86)\MicroStrategy\Intelligence Server\.

Enable the Data Warehouse Log

  1. Add the following registry key in the JVM Options file located at [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MicroStrategy\JNI Bridge\Config for DataServices\JVM Options]:

    “OtherOptions”=“-Drefine.verbosity=info”

  2. Restart the Intelligence Server .
  3. The log will show in the DW.log file.

    • On Windows: Under the same directory as the DSSErrors.log file (commonly under BIN\X64).
    • On Linux: Under Linux/bin/, where bin is located under the same directory as the DSSErrors.log file.

If the HTTPS connection is started successfully, the log message will be shown in the DW.log file.