Enabling Secure Sockets Layer (SSL) in the Web Server for HTTPS protocol
Secure Socket Layer (SSL) is a protocol that provides security for communications between browsers and the web server by implementing encrypted data and certificate-based authentication.
You can activate SSL in the Web server component and link it to a digital certificate. It has an existing digital certificate, self-sign certificates, which should be replaced with personalized certificates generated by customers.
Before you configure the SSL, you must obtain a digital certificate and store it on
the computer that the base product is installed on. Follow the instructions provided
by the certificate authority (CA) for installing the certificate. You must also know
where the keystore is located on the server and the password for the keystore to configure
them to the
In addition, save copies of these files in a safe location so you can find them easily if you need to restore them in the future.
To generate a key and keystore, use the Java keytool command. For details about using keytool, consult your CA or Java documentation.
To configure SSL:
- Purchase a digital certificate from a reputable certificate authority (CA).
- Follow the instructions provided by the CA to install the certificate on the computer where the InfoPrint Manager server is installed.
Use the Java keytool command to generate a key and keystore. For details about using the keytool command, refer to Java documentation. Write down the location of the keystore and the password for the keystore. You need them later.
- Log in to the computer as the InfoPrint Manager administrator.
- Copy the
.keystorefile previously created to the
- Navigate to the
- Open the
server.xmlfile and make these changes:
- Find this code:
<!-- <Connector port="14443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" keystoreFile="etc/InfoPrint.keystore" keystorePass="changeit" clientAuth="false" sslProtocol="TLS" /> -->
- Uncomment the code.
- Replace the value for keystoreFile with the path to your
- Replace the keystore_password by changing keystorePass value with the password to your keystore.
- Save and close the file.
- Find this code:
- If you use another port than the default one (14000), run the
- Restart the InfoPrint Manager Web server.
- Verify the secure connection by opening a Web browser and typing this address, replacing
server_name with the host name or IP address of the computer where InfoPrint Manager
If you use a self-signed certificate or if the certificate is not specifically tied to the server, the Web browser issues a warning that the certificate is not trusted.
If you install service updates or a new version of the InfoPrint Manager, you must activate SSL again because the installation process clears the SSL settings in the Web Server component.
If you need to update or replace your digital certificate, install the new certificate into the keystore and remove the old certificate. You do not have to do this task again because InfoPrint Manager can find the new certificate in the keystore.