Did you know - How to apply a wildcard SSL certificate in ADSelfService Plus?
Gone are the days when you have to purchase a separate SSL certificate for each subdomain. With Wildcard SSL, you can secure your primary domain and all subdomains with just a single certificate.
This week let me take you through the steps to apply a wildcard SSL certificate (PFX certificate) in ADSelfService Plus.
Step 1: Enable SSL in ADSelfService Plus
- Log in to ADSelfService Plus with admin credentials.
- Navigate to Admin tab -> Product Settings -> Connection.[Refer Image]
- Select Enable SSL Port [HTTPS] checkbox.
- Enter 9251 as the port number.
- Select Encrypt Keystore Password checkbox.
- Enter your Keystore password.
- Click Save and restart ADSelfService Plus.
Step 2: Bind the certificate with ADSelfService Plus
- Export and place your PFX/PKCS 12 certificate file at <Install Directory>\conf (By default: C:\ManageEngine\ADSelfService Plus\conf) folder.
- Open the server.xml file present at the same location.
- Navigate to the end of the XML file and replace the values of the following SSL connector tag:
- "keystoreFile" with "./conf/YOUR_CERT_FILE.pfx"
- "keystoreType" with "PKCS12”
Eg:
<Connector SSLEnabled="true" acceptcount="100" clientauth="false" connectiontimeout="20000" debug="0" disableuploadtimeout="true" enablelookups="false"
keystoreFile="./conf/YOUR_CERT_FILE.pfx" keystorepass="${adssp.keysorePass}"
keystoreType="PKCS12" maxsparethreads="75" maxthreads="150" minsparethreads="25" name="SSL" port="9251" scheme="https" secure="true" sslprotocol="TLS" sslprotocols="TLSv1,TLSv1.1,TLSv1.2"/>
- Restart ADSelfService Plus and check if the certificate is installed correctly.
- Note: Since the keystore password is encrypted, the value of keystorePass property in server.xml file will be assigned as ${adssp.keysorePass}.