3.13.2 Procedure for setting up server certificates for SSL communication on the communication server
On the communication server, set up the server certificate for SSL communication and private key for the communication server.
Procedure
-
Store the server certificate for SSL communication and private key in the following folder:
JP1/ITDM2 - SDM (Communication Server)-installation-folder\cms\uC\httpsd\conf\ssl\server
-
Add the definitions to the httpsd.conf file.
The httpsd.conf file is stored in the following location:
JP1/ITDM2 - SDM (Communication Server)-installation-folder\cms\uC\httpsd\conf
Add the following lines:
ServerName host-name #--Omitted-- Listen 26055 <VirtualHost host-name:26055> SSLEnable SSLProtocol TLSv11 TLSv12 SSLCertificateFile "JP1/ITDM2 - SDM (Communication Server)-installation-folder/cms/uC/httpsd/conf/ssl/server/newcert.pem" SSLCertificateKeyFile "JP1/ITDM2 - SDM (Communication Server)-installation-folder/cms/uC/httpsd/conf/ssl/server/newkeyRSA.pem" </VirtualHost> Include "JP1/ITDM2 - SDM (Communication Server)-installation-folder/cms/uC/CC/web/redirector/mod_jk.conf"- Legend:
-
httpsd.pem: Server certificate file name (PEM format)
httpsdkey.pem: Private key file name (PEM format)
.keypasswd: Password file name
- Important
-
When operating with the server certificate issued by the chained CA, this directive sets the certificate of chained CA. By combining multiple certificate files, you can mix multiple certificates into one file.
- Example
-
SSLCACertificateFile "JP1/ITDM2 - SDM (Communication Server)-installation-folder/mgr/uC/httpsd/conf/ssl/cacert/anycert.pem"
- Important
-
If you set a password when creating the private key for the Web server, you need to create a password file by using the sslpasswd.bat command, and then set the SSLCertificateKeyPassword directive.
-
Restart the JP1/ITDM2 - Smart Device Manager Web Server on the communication server.
Related Topics