![]() ![]() ![]() |
Entrusting this 'SSL Certificate' upon an ADSelfService Plus ensures 'safe transfer of data' between this application & various others.
The SSL Tool brings about data security via 'encryption' process.
This page provides you with the 'Guidelines for Installing the SSL certificate' along with a 'CSR Generator form'.
Guidelines For Installing The SSL Certificate On The ADSelfService Plus Application:
Installing the 'SSL certificate onto the ADSelfService Plus' application is a 'three-step process':
Before requesting for a certificate from any certifying authority,one needs to create a tomcat specific '.csr file' & a '.keystore file'.These two files should be named as 'selfservice.csr' & 'selfservice.keystore' respectively.
Generating The 'csr' file:(with the help of the 'CSI GENERATOR' form)
Steps To Be Followed:
In the 'Common Name' textbox,provide the 'domain name' for accessing the 'Server'(eg. www.example.com)
Specify the 'Organizational Unit'(OU) in the respective textbox provided
In the 'Organization' textbox,provide the 'Legal Name' of your organization.
Specify the 'City'(in which your organization is located) in the textbox provided
Mention the 'State/Province' (in which your organization is located) in the respective textbox provided
Provide the 'Country Code'(of the country where your organization is located)
In the 'Password' textbox,specify the 'Password'(minimum 6 characters in length) that you will be asked while installing the certificate
Optional Features:
In the 'Validity' textbox, set the 'Validity Period' for the certificate(by default,it is 90 days)
Public Key Length
Click on the 'Generate CSR' button to generate the CSR file.
Generating The Keystore File (and associating it to the CA signed certificates):
Unzip & extract all the certificates received from the CA to the <installation directory>\jre\bin
To generate keystore and add signed certificates,follow the below mentioned instructions:
Directions to generate keystore for 'Go Daddy' certificates:
keytool -import -alias root keystore selfservice.keystore -trustcacerts
-file gd_bundle.crt |
Directions to generate keystore for 'Verisign' certificates:
keytool -import -alias intermediateCA -keystore selfservice.keystore
-trustcacerts -file < your intermediate certificate > .cer |
Directions to generate keystore for 'Comodo' certificates:
keytool -import -trustcacerts -alias root -file AddTrustExternalCARoot.crt
-keystore selfservice.keystore |
Embedding The SSL Certificate into ADSelfService Plus:
Ensure that Enable SSL Port is checked in the product.
Login in to "ADSelfService Plus"
Click on Admin -->>Product Settings -->>'Connection'
Provide check against 'Enable SSL Port' option
Click on Save (This will "Enable SSL Port")
Copy SelfService.keystore from <InstallDir>\jre\bin to <InstallDir>\conf
Edit "server.xml"(at <InstallDir>\conf) by replacing the value of:
"keystoreFile" with "./conf/SelfService.keystore"
"keystorePass" with whatever password you entered into the CSR generator. Save the server.xml
Restart ADSelfService Plus.
If the browser presents no warning,then you have installed the SSL certificate successfully.
|
|
![]() ![]() ![]() |