Custom SSL Certificate setup instructions

From 360Works Product Documentation Wiki
Revision as of 23:04, 9 November 2012 by Sarah (talk | contribs) (Clarified formatting and language, added windows instructions)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

MirrorSync server runs in Java, and it needs to be able to communicate with the FileMaker Web Publishing Engine. If you have an SSL certificate installed on your web server that is self-signed or issued by an authority not recognized by Java, you need to follow these steps in order to tell Java to trust your SSL certificate. Follow the procedure outlined below on the machine that will be configuring MirrorSync.

Step 1: Export the certificate from your web server. Use Firefox to go to the https:// address of your server. From the menu bar, go to Tools->Page Info->Security->View Certificate->Details->Export. Leave the format set to 'X.509 Certificate (PEM)' and save the certificate file somewhere on your hard drive.

Step 2: Import the certificate into your Java key store.

For OS X, go into Terminal and then cd into your Java lib/security directory, like this:

cd /Library/Java/Home/lib/security/

On Windows, Java may be installed in your Program Files. Using the Command window running as administrator, use the dir command to navigate to the Java lib/security directory.

In both Windows and Mac, run the following command to add the certificate to your keystore. Add sudo to the beginning of the command for Mac users.

keytool -importcert -file /path/to/theCertficate.com -trustcacerts -alias myServerName -keystore cacerts

Replace /path/to/theCertificate.com with the path to the certificate that you exported in step 1, and replace myServerName with some descriptive name of your server. This can be anything; it's just a reference for if you need to edit/delete it later.

You may be prompted for a keystore password - if you've never changed it, it will be 'changeit' or 'changeme'.

You'll be asked whether to trust the certificate - just put in 'yes' without quotes.

Step 3 Stop and start the Web Publishing Engine. Return to MirrorSync and carry on with configuration.