1 Reply Latest reply on Apr 8, 2014 9:25 AM by janpaces

    Manual install Exchange SSL cert

    jeff.postle

      Hi,

       

      For some reason my whd wont automatically work with an Exchange SSL connection.  I logged a ticket about it and a developer installed the ssl cert manually via Portecle however there aren't any notes about this in the ticket.

       

      My Exchange SSL cert has changed and I need to update it in WHD but I cant remember the file where the certs are kept.  Does anyone know?

       

      Note that I'm not looking for the tomcat keystore located at C:\Program Files\WebHelpDesk\conf\keystore.jks.  There was another store which keeps the certs for exchange, etc...

        • Re: Manual install Exchange SSL cert
          janpaces

          Hi Jeff,

           

          Follow these instructions

          Adding CA to embedded java

          To import the cert into the trust store follow this steps:

          • You need to export the certificate to the .crt file (it is CA which have to be imported)
            1. easiest way how to import is using Portecle tool (it needs to be run with admin rights)
              • Windows: Run <WHD>/portecle.bat
              • Mac OSX: Applications > WebHelpDesk > Portecle
            2. In Portecle
              1. File -> Open Keystore File
              2. Navigate to the keystore
                • Windows: it is in <WHD>/bin/jre/lib/security/cacerts
                • Mac OSX: it depends <JAVA_HOME> can be found using following command in terminal /usr/libexec/java_home; e.g. System/Library/Java/JavaVirtualMachines/1.6.0jdk/Contents/Home/lib/security/cacerts
              3. Enter the password, default is "changeit"
              4. Go to Tools->Import Trusted Certificates and locate the .crt file
              5. Choose one and alias/name (no matter what is the alias)
              6. File Save Keystore.
            3. Restart WHD.
          • Linux VA this can be done easily via terminal:
            1. To import the cert run following command:
              • echo -n | openssl s_client -connect <exchange_address>:<port> | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/<cert_name>.crt
            2. And to import do following:
              • sudo /usr/local/webhelpdesk/bin/jre/bin/keytool -import -trustcacerts -keystore /usr/local/webhelpdesk/bin/jre/lib/security/cacerts -storepass changeit -noprompt -alias <cert_alias_name> -f
            3. Restart WHD

          Let me know if this works for you or you have any additional questions.

           

          Regards,

           

          Jan