About Server Certificates
A certificate is an electronic document that is used to identify an individual, a server, a company, or some other entity and to associate that identity with a public key. A certificate provides generally recognized proof of an entity's identity. Certificates are particularly important when establishing secure connections (HTTPS).
The Process Server uses Jetty, an open-source Eclipse project, to host Web services. For detailed information on certificate configuration see How to Configure SSL with Jetty.
When the server is started for the first time, a self-signed certificate is generated for HTTPS. However, you can install a different certificate (for example, one that has been signed by a Certificate Authority (CA).
To use your own certificate: Java keystore
The default certificate is stored in a Java keystore: Micro Focus\Verastream\ProcessServer\services\composite\META-INF\keystore.bcfks. A copy of the generated certificate is also available in this folder (certificate.cer). This file is not used by the web server, but is available for your convenience. Jetty expects a Java keystore with a private/public key pair stored under the alias "jetty". The keystore and key password is not-secure.
To add a CA-signed certificate, place it in the server keystore using the Java JSSE keytool. You are prompted to specify a password. The password is not-secure. For more information on using the Java keytool, see the Oracle documentation.
To change the name of the keystore file or change the password
If you want to change the name of the keystore file or change the keystore or key password, you must also update the Jetty configuration in the service-ctx.xml
file, located in the Micro Focus\Verastream\ProcessServer\services\composite\META-INF\
directory. Modify the section labeled sslconnector.
Important
If you have made changes to the service-ctx.xml
file, located in \ProcessServer/services/composite/META-INF/
, you should back up this file before you upgrade. This file is overwritten during the upgrade process. Restore the changes made to this file after the upgrade is complete.
You can obfuscate passwords in this file using the Jetty password utility.
More information