Documentation
Password Express
Getting Started with Password ExpressSigning up for Password Express
Installing Windows Connect
Performing a Password Reset
Configuring Authentication Policies for Password Reset
Enrolling a User
Installing the Windows Credentials Provider
Secure File Exchange
Installing on WindowsInstalling on Linux
Installing an SSL Certificate
Uninstalling (All Platforms)
Virtual File System
Browsing Files
Sharing Files
Upload Forms
Incoming Files
Sharing Shortcodes
File Systems
Mounting External FilesLocal Files
Plan Storage
SFTP Folders
Windows Shares
S3 Buckets
Goggle Cloud Storage
Azure Containers
Server Management
User AccountsRoles
Authorized Keys
Event Logs
Email Messages
HTML templates
Session Management
Authentication Modules
Authentication Policies
SMTP Configuration
User Interface
BrandingUser Interface Themes
Installing an SSL Certificate
Introduction
Your JADAPTIVE server requires a valid signed SSL certificate for production use. As a Java-based server, the native SSL certificate format is a PKCS12 key store.
You can modify the configuration for this key store in the conf.d/ssl.properties file.
server.ssl.key-store-password=changeit
server.ssl.key-store-type=PKCS12
server.ssl.key-store=conf/cert.p12
server.ssl.key-alias=serverA new self-signed 2048 bit RSA SSL Certificate is created using the above properties on the initial startup.
Replace with another PKCS12 Certificate
You can replace the p12 file with another certificate by modifying the properties above. Ensure that you provide the correct alias, path, and password for the key store.
Generating a new Certificate for Signing
The default self-signed certificate is unsuitable for signing. If you want to obtain a new signed certificate, then you should first generate a new key store with the command:
keytool -genkey -alias server -keyalg RSA -keysize 2048 -storetype pkcs12 -keystore newcert.p12This will prompt you for the certificate details. Ensure you enter the correct hostname when asked for your first and last name.
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: www.jadaptive.com
What is the name of your organizational unit?
[Unknown]: Jadaptive Limited
What is the name of your organization?
[Unknown]: Jadaptive Limited
What is the name of your City or Locality?
[Unknown]: Nottingham
What is the name of your State or Province?
[Unknown]: England
What is the two-letter country code for this unit?
[Unknown]: GB
Is CN=www.jadaptive.com, OU=Jadaptive Limited, O=Jadaptive Limited, L=Nottingham, ST=England, C=GB correct?
[no]: y
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 90 days
for: CN=www.jadaptive.com, OU=Jadaptive Limited, O=Jadaptive Limited, L=Nottingham, ST=England, C=GBSetup the ssl.properities file accordingly, changing the path to the new key store, the alias (if you changed it from default), and the password.
You can now generate a certificate request using the command:
keytool -certreq -alias server -keyalg RSA -file output.csr -keystore newcert.p12Take the output.csr file and send this to your certification authority.
Importing the Signed Certificate
Once you have received the signed certificate from your CA, we recommend downloading a P7b bundle as this will contain all the necessary certificates, including root and any intermediate certificates.
keytool -import -trustcacerts -alias server -file cert.p7b -keystore newcert.p12Using a PEM Key and Certificate
As an alternative to working with Java Keystore files, you can configure ssl.properties to import a key and certificate from a set of PEM files.
Configure the properties below to point to your PEM files.
server.ssl.private-key=conf/key.pem
server.ssl.private-key-password=password
server.ssl.ca-bundle=conf/chain.pem
server.ssl.certificate=conf/cert.pemWhen you next start up the server, the server will convert the PEM files to a PKCS12 key store and set it up using the path, password, and alias configured for the default key store overwriting the default key store and certificate.