Install a New Server Certificate: Java Keystore
Use this procedure to replace the default Web Transfer or User Manager server certificate with a CA-signed certificate contained within a Java keystore.
Before you begin
Obtain a Java keystore (*.jks) file that contains your private key and a certificate signed by a Certificate Authority (CA). You can use the following procedures to create your keystore using the Java keytool utility.
To replace the default server certificate with a certificate in a Java keystore
- Move the new Java keystore to the folder that holds the default keystore (or another secure location on your server). The default keystore locations are:
Caution: Do not delete any of the existing certificate or keystore files in these locations. The server certificates located here are required for communication between Web Edition components.
- Locate the container.properties file in the location below for the server you are updating.
- Open container.properties in a text editor (running as an administrator). Remove the comment character (#) from the following lines and edit them to point to your keystore and specify your keystore password. For example:
Note: The path to the keystore must be specified using forward slashes or escaped backslashes. For example: C:/pathto/keystore or C:\\pathto\\keystore
- Restart the server you are configuring. See Start and Stop the Web Transfer Server and Start and Stop the User Manager Server.
- Test a connection from the Transfer Client or User Manager. If you can't log in, or continue to see a certificate warning message, see Troubleshooting Server Certificate Setup.