Integration
      Back to home
      1. Support Portal
      2. Integration

      How to Install Certificates

      This article lets you know how to install certificates

      SSL certificates should be placed in <INSTALL_DIR>\oware\certs directory.  
      They will be backed during future upgrades if they are placed in this directory.
       
      HTTPS is enabled by default using a self-signed SSL certificate.
      Follow steps below to regenerate a custom self-signed SSL certificate,
      or to request and install an SSL certificate issued by a Certificate 
      Authority (CA).
       
      HOW TO CUSTOMIZE THE SELF-SIGNED SSL CERTIFICATE:
        1. Edit script: 'makecert.sh'
           (in directory: <INSTALL_DIR>\oware\certs)
           a. Edit the group of lines starting with 'KT_' and set appropriate 
              values for: 'KT_HOSTNAME' and 'KT_IPADDRESS'
           b. Changing values of other 'KT_' variables is optional
        2. Execute script: 'makecert.sh' 
           (in directory: <INSTALL_DIR>\oware\certs)
           a. [Windows ONLY] Open a Windows command prompt, execute: oware
           b. [Linux ONLY] Open a Terminal window
           c. Execute: cd "$OWARE_USER_ROOT/oware/certs"
           d. Execute: ./makecert.sh
           e. Script will prompt user to enter a new password of their choice and
          will generate three files: 1) 'selfsigned.cer' 2) 'selfsigned.jks'
              3) 'selfsigned-csr.txt'
        3. Restart Web Server Service
           [Windows ONLY] 
           a. From an Administrative command prompt, execute: net stop synergy
           c. From an Administrative command prompt, execute: net start synergy
           [Linux ONLY] 
           d. From a root terminal, execute: service synergy stop
           e. From a root terminal, execute: service synergy start
        4. Install certificate on all client machines that access the application.
           [Windows ONLY] 
           a. Open Windows File Explorer to directory: <INSTALL_DIR>\oware\certs
           b. Open file: 'selfsigned.cer' and choose "Install Certificate..."
           c. Choose "Local Machine" as the Store Location
           d. Click "Browse..." button to place certificate in store: "Trusted Root Certification Authorities"
           e. Click "Finish" to install the certificate
           [Linux ONLY] 
           f. Consult Linux specific instructions to install the certificate file located
              in directory: $OWARE_USER_ROOT/oware/certs/selfsigned.cer
        5. Close ALL open browser windows BEFORE opening application
           a. All HTTP requests should now redirect to HTTPS on port 8443
       
      HOW TO UTILIZE A CA ISSUED SSL CERTIFICATE:
        1. Execute steps 1 and 2 in the first section above, which will generate 
           a Certificate Signing Request (CSR) file: 'selfsigned-csr.txt' 
        2. Provide this generated CSR file to your CA provider 
        3. Obtain your SSL certificate and ALL required Root and Intermediate 
           certificates from your CA provider 
        4. Copy all certificate files into the directory: 
           <INSTALL_DIR>\oware\certs
        5. Edit script: 'importcerts-EXAMPLE.sh'
           a. Edit values for: 'KT_PASSWORD' and 'KT_FILENAME', as instructed in step 1. 
           b. Modify the script to match the specific alias names, files names and 
              number of certificates issued by your CA provider.
              NOTE: The alias 'server' MUST be used when importing the Domain certificate.
        6. Execute script: 'importcerts-EXAMPLE.sh' 
        7. Execute step 3 in the first section above to restart the Web Server
        8. Close ALL open browser windows BEFORE opening application
           a. All HTTP requests should now redirect to HTTPS on port 8443