On-Premise: Configuring SSL using PFX file. - Connect IT Community

/* * These styles apply ONLY to the header and footer assets. */ * { padding: 0; margin: 0; box-sizing: border-box; } .super-nav { display: flex; justify-content: flex-end; align-items: center; margin: 0 auto; max-width: 1264px; padding-left: 40px; padding-right: 40px; height: 40px; text-align: right; } .super-nav a { color: #34427c; margin-right: 20px; padding: 10px; text-decoration: none; } .super-nav a:hover, .super-nav a:focus { background-color: #f7f9fa; } .footer { background: #f5f5f6; color: #555a62; font-size: 14px; line-height: 1.5; padding: 0; } .footer-image { background-image: url("/themes/kaseya/assets/images/footerImage.png"); height: 500px; background-repeat: no-repeat; background-size: cover; margin-top: -100px; } .footer-wrap { padding-left: 18px; padding-right: 18px; max-width: 1236px; margin: 0 auto; } .footer-main-content { background-color: #000; padding: 100px 0; } .footer .footer-col-title { color: #ffffff; font-weight: 700; font-size: 13px; padding-bottom: 10px; text-transform: uppercase; } .footer .footer-link { color: #9b9ca0; text-decoration: none; } .footer .footer-link:hover, .footer .footer-link:focus, .footer .footer-link:active { text-decoration: underline; } .footer-main-content .footer-link { padding-top: 10px; } .footer-row { display: flex; flex-wrap: wrap; justify-content: space-between; align-items: center; margin: -3px; } .footer-main-content-row { align-items: flex-start; } .footer-bottom-content { padding: 10px; align-items: center; } .footer-col { padding: 0 3px; display: flex; flex-direction: column; } .footer-col-copyRight { justify-content: flex-start; color: #9b9ca0; flex: 1; display: flex; } .footer-last-col { flex-direction: row; } .footer-last-col .footer-link { padding-right: 10px; text-transform: uppercase; } @media screen and (max-width: 768px) { .super-nav { padding-right: 0; } .footer-image { height: 250px; } .footer-main-content { padding: 40px 0; } .footer .footer-col-title { padding-top: 10px; } .footer-row:not(.footer-main-content-row) { display: block; } .footer-col:not(.footer-main-content-col) { width: 100%; text-align: center; padding: 10px 0; } .footer-main-content-col { width: 50%; } .footer-last-col { flex-direction: column; } .footer-last-col .footer-link { padding-bottom: 10px; } } /*# sourceMappingURL=styles.css.map */ Ask the Community Groups

On-Premise: Configuring SSL using PFX file. - Connect IT Community | Kaseya

QUESTION:

How do I configure or change the SSL certificate using PFX file?

SOLUTION:

A Java KeyStore (JKS) is a repository of security certificates and the private keys, used for instance in SSL encryption.

The password used to create the 'keystore' file must not contain any special characters. Otherwise, the Web Application will be unable to load the file.
Rename or move the existing keystore located at <TRAVERSE_HOME>/plugin/web/webapp.keystore

Configuring SSL for the Web Application using PFX file:

The application server (Apache Tomcat) used by Traverse uses a JKS format keystore.
Create a keystore using below command.

 "TRAVERSE_HOME\apps\jre\bin\keytool" -importkeystore -srckeystore "xxxxxxxxx.pfx"    -srcstoretype pkcs12 -destkeystore "<TRAVERSE_HOME>\plugin\web\webapp.keystore"  -deststoretype JKS  -deststorepass changeit

srckeystore - use the PFX file name, including it's location e.g C:/Program Files/Certificates/****.pfx
source Keystore password- password of PFX file

List the webapp.keystore:

Scroll to the top of output and copy the alias name.

  "TRAVERSE_HOME\apps\jre\bin\keytool" -list -storepass changeit -keystore  "TRAVERSE_HOME\plugin\web\webapp.keystore"  -v

Change the alias key password to the Traverse default value of 'changeit':

alias: use the alias name from the listed output.
alias password: Use PFX password
New alias password: It should be "changeit"

 "TRAVERSE_HOME\apps\jre\bin\keytool" -keypasswd -alias xxxxxxx  -keystore   "TRAVERSE_HOME\plugin\web\webapp.keystore"  -storepass changeit

Change the alias name:

alias: use the alias name from the listed output.

  "TRAVERSE_HOME\apps\jre\bin\keytool" -changealias -alias xxxxxxx -destalias tomcat -storepass changeit -keystore "<TRAVERSE_HOME>\plugin\web\webapp.keystore"

Verify the alias name "tomcat" in webapp.keystore:

 "TRAVERSE_HOME\apps\jre\bin\keytool" -list -storepass changeit -keystore "TRAVERSE_HOME\plugin\web\webapp.keystore" -v

Note that the password matches the Traverse default defined in Traverse_home\app\tomcat\conf\server.xml:

   keystorePass="changeit" keystoreFile="../../plugin/web/webapp.keystore"

Restart the traverse webapp
Access the webpage using the https://FQDN

RELATED ARTICLES:

Configuration - On-Premise - Configuring SSL for the Web Application