This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Manual install Exchange SSL cert

Hi,

For some reason my whd wont automatically work with an Exchange SSL connection.  I logged a ticket about it and a developer installed the ssl cert manually via Portecle however there aren't any notes about this in the ticket.

My Exchange SSL cert has changed and I need to update it in WHD but I cant remember the file where the certs are kept.  Does anyone know?

Note that I'm not looking for the tomcat keystore located at C:\Program Files\WebHelpDesk\conf\keystore.jks.  There was another store which keeps the certs for exchange, etc...

  • Hi Jeff,

    Follow these instructions

    Adding CA to embedded java

    To import the cert into the trust store follow this steps:

    • You need to export the certificate to the .crt file (it is CA which have to be imported)
      1. easiest way how to import is using Portecle tool (it needs to be run with admin rights)
        • Windows: Run <WHD>/portecle.bat
        • Mac OSX: Applications > WebHelpDesk > Portecle
      2. In Portecle
        1. File -> Open Keystore File
        2. Navigate to the keystore
          • Windows: it is in <WHD>/bin/jre/lib/security/cacerts
          • Mac OSX: it depends <JAVA_HOME> can be found using following command in terminal /usr/libexec/java_home; e.g. System/Library/Java/JavaVirtualMachines/1.6.0jdk/Contents/Home/lib/security/cacerts
        3. Enter the password, default is "changeit"
        4. Go to Tools->Import Trusted Certificates and locate the .crt file
        5. Choose one and alias/name (no matter what is the alias)
        6. File Save Keystore.
      3. Restart WHD.
    • Linux VA this can be done easily via terminal:
      1. To import the cert run following command:
        • echo -n | openssl s_client -connect <exchange_address>:<port> | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/<cert_name>.crt
      2. And to import do following:
        • sudo /usr/local/webhelpdesk/bin/jre/bin/keytool -import -trustcacerts -keystore /usr/local/webhelpdesk/bin/jre/lib/security/cacerts -storepass changeit -noprompt -alias <cert_alias_name> -f
      3. Restart WHD

    Let me know if this works for you or you have any additional questions.

    Regards,

    Jan