Installing .PFX Certificate
.PFX is an extension for security certificate. It defines a file format that stores private keys (generated by your server at the time the CSR was generated) and public key certificate (your SSL Certificate provided by the CA) in a single encrypted file.
To install a certificate with the extension .PFX,
-
Stop ManageEngine SupportCenter Plus service.
-
Copy the .pfx file to the location C:\ManageEngine\SupportCenter\server\default\conf (where C: is the dsrive in which SupportCenter Plus is installed)
-
Change the web server port to 443 to run SupportCenter Plus on secure mode. To change the web server port, open the command prompt and go to [SupportCenter Plus Home]\bin. Enter the command as given below,
[SupportCenter Plus Home]\bin> changewebserverport.bat 443 https
-
Go to the location [SupportCenter Plus Home]\server\default\deploy\jbossweb-tomcat50.sar and open the file 'server.xml' in a word pad.
-
Locate the below entries in the file.
<!-- SSL/TLS Connector configuration using the admin devl guide keystore
<Connector port="8443" address="${jboss.bind.address}"
maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/scp.keystore"
keystorePass="scpsecured" sslProtocol = "TLS" />
-
Please replace the file name scp.keystore with the pfx file name (name.pfx) and enter the keystoreType="pkcs12" after the file name. Also replace the 'scpsecured' with the password for the .pfx file.
-
The entries should look like this,
<!-- SSL/TLS Connector configuration using the admin devl guide keystore
<Connector port="8443" address="${jboss.bind.address}"
maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/name.pfx" keystoreType="pkcs12" keystorePass="your password" sslProtocol = "TLS" />
-
Restart ManageEngine SupportCenter Plus service.