3.12.2 Procedure for setting up server certificates for SSL communication on the smart device manager

Set up the server certificate for SSL communication and private key on the smart device manager.

Procedure

1. Store the server certificate for SSL communication and private key in the following folder:

   JP1/ITDM2 - SDM (Smart Device Manager)-installation-folder\mgr\uC\httpsd\conf\ssl\server

2. Add the definitions to the httpsd.conf file.

   The httpsd.conf file is stored in the following location:

   JP1/ITDM2 - SDM (Smart Device Manager)-installation-folder\mgr\uC\httpsd\conf

   Add the following lines and comment out the lines described below.

   ServerName localhost or host-name
    
   #--Omitted--
   Listen 26080
   <VirtualHost localhost or host-name:26080>
   <Location /jp1itdm2sdm>
        Allow from all
   </Location>
   </VirtualHost>
    
   Listen 26056
   <VirtualHost localhost:26056>
   <Location /rest>
        Allow from command
   </Location>
   </VirtualHost>
    
   #--Uncomment out the following lines--
   Listen 26055
   <VirtualHost host-name:26055>
       SSLEnable
       SSLProtocol TLSv1 TLSv11 TLSv12
       SSLCertificateFile "JP1/ITDM2 - SDM (Smart Device Manager)-installation-folder/mgr/uC/httpsd/conf/ssl/server/newcert.pem" 
       SSLCertificateKeyFile "JP1/ITDM2 - SDM (Smart Device Manager)-installation-folder/mgr/uC/httpsd/conf/ssl/server/newkeyRSA.pem" 
       #SSLCertificateKeyPassword "JP1/ITDM2 - SDM (Smart Device Manager)-installation-folder/mgr/uC/httpsd/conf/ssl/server/.keypasswd" 
       LoadModule proxy_module modules/mod_proxy.so
       LoadModule proxy_http_module modules/mod_proxy_http.so
       <Location /server01/api/v1.0>
           ProxyPass http://localhost:26057/rest/itdmsdapi
           Allow from all
       </Location>
       <Location /server01/api/version>
           ProxyPass http://localhost:26057/rest/itdmsdapi/version
           Allow from all
       </Location>
   </VirtualHost>
    
   Listen 26057
   <VirtualHost localhost:26057>
   <Location /rest>
        Allow from all
   </Location>
   </VirtualHost>
   #--End of the change--
    
   Include "JP1/ITDM2 - SDM (Smart Device Manager)-installation-folder/mgr/uC/CC/web/redirector/mod_jk.conf"

   Legend:

   httpsd.pem: Server certificate file name (PEM format)

   httpsdkey.pem: Private key file name (PEM format)

   .keypasswd: Password file name

   Important

   If you set a password when creating the private key for the Web server, you need to create a password file by using the sslpasswd command, and then set the SSLCertificateKeyPassword directive.

Related Topics

• 3.1 Flow of building a system

• 3.11.2 Flow of obtaining certificates for SSL communication for the smart device manager

• G.6 Create a password file (sslpasswd command)

To Page Top