Replace the Default Server Certificate

Use the following procedure to replace the self-signed certificate that is installed with these Web Edition servers:

  • Reflection for Secure IT Web Server
  • Reflection for Secure IT User Manager

Before you begin

Obtain a Java keystore (*.jks) file that contains your private key and a certificate signed by a Certificate Authority (CA). You can use either of these approaches, described in the topics that follow:

To replace the default server certificate

Note: The paths below are located in the Web Edition installation folder. The default is C:\Program Files\Attachmate\RSecureWebEdition.

  1. Move the new Java keystore to the folder that holds the default keystore (or another secure location on your server). The default keystore locations are:

    <install path>\WebServer\etc\

    <install path>\UserManager\etc\

  2. Locate the file in the location below for the server you are updating.

    <install path>\WebServer\conf\

    <install path>\UserManager\conf\

  3. Open in a text editor. Remove the comment character (#) from the following lines and edit them to point to your keystore and specify your keystore password. For example:





    Note: The path to the keystore must be specified using forward slashes or escaped backslashes. For example:

  4. Restart the server you are configuring. See Start and Stop the Transfer Client Web Server and Start and Stop the User Manager Server.