Apply certificate for EWS mail configuration in SDP.

Apply certificate for EWS mail configuration in SDP.

      EWS protocol support is introduced in 10006 version of SDP ( Limited to windows servers ). User can configure EWS for both incoming and outgoing settings in SDP.

Note: If the mail server is O365 , then you need not perform these steps as the certificate info is already available in the built-in keystore.

To apply the certificate for EWS protocol in SDP, please follow the below steps

1. Open your EWS url in a new tab in Firefox browser.

2. You will be prompted for username and password.

3. Please enter the appropriate credentials. After entering the appropriate credentials, you will be redirected to a page similar to this image.

4. Export the Certificate.

To export the certificate, follow the below steps

      Click on the lock symbol in the URL >> Click on the pad lock symbol >> Click on connection >> More Information >> Security >> View Certificate >>  Miscellaneous >> Download >> PEM (chain) (X.509 Certificate with Chain ( PEM )) format >> Save

Click on View Certificate

5. Go to <server_home>\jre\bin folder in the command prompt / terminal app. Execute the below command 

keytool -import -alias -keystore ../lib/security/cacerts -file ../yourCertificate.crt

( If you have jssecacerts file in the security folder, then give jssecacerts instead of cacerts as the keystore.  )

6. Provide password as "changeit" when prompted.

7. If the certificate is valid, it will prompt "do you trust this certificate?". Type 'yes' and press enter.

8. Certificate will be added to the keystore.

9. Restart the application service once and check whether you could able to connect to EWS.

      New to ADSelfService Plus?