Configuring the http server for https using the keytool

From PresenceWiki
Jump to: navigation, search

To create a keystore for the https server:-

keytool -keyalg RSA -genkey -validity 731 -keystore c:\\keystore

After this you can then create a self signed certificate:-

keytool -selfcert -validity 721 -keystore c:\\keystore

Now place the file keystore into the presence res directory.

In the httpconfig edit the following:-

<http-config httpenabled="true" httpsenabled="true" port="81" secureport="443">

Because we gave the name as impscloud, if we go to C:\WINDOWS\system32\drivers\etc\hosts and edit this we can point it to a chosen machine:-

Then we can go to this page:-


Initially you will receive a warning, where you should choose "I Understand The Risks".

We can then select "Get The Certificiate" and then "Confirm Security Exception"

From now on, we shall receive the page as intended:-

It is also possible to generate your own .cer file that can then be imported onto a pc to access the site without warnings.

To do this first list the keys in your keystore using:-

keytool -list -v -keystore c:\keystore

Now run the command to create the cer file. Note that by default the keystore is in your users directory unless otherwise specified.

keytool -export -alias mykey -keystore c:\keystore -file c:\presence.cer

You can now send this to a user who can right click on the cer in windows explorer and import it into their system.

They should now be able to browse to the site in ie or chrome without any warning or need to add an exception.