No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionAccess-WI-how to change WI server certificate in FusionAccess R5 manually

Publication Date:  2017-08-03 Views:  20 Downloads:  0
Issue Description

The customer don’t want to be disturbed by https notification when login WI through domain user.Customer has their own CA server.

Handling Process

NOTE: customer need to provide WI server certificate and ROOT certificate.

1. Upload the ROOT certificate to WI server through winscp in the directory of : /opt/WI/tomcat/certs

2. Upload the WI server certificate to WI server in the directory of: /opt/WI/tomcat/certs. It is recommended to use the WI server certificate format of pfx or p12.

3. Modify the configure file server.xml
Edit the value of “keystoreFile” to be new e file name,
Edit the value of “keystoreType” to be “PKCS12”,
Edit the value of “keystorePass” to be the password of WI server certificate .
Take a common configure file for instance:
<Connector connectionTimeout="20000" port="9080" protocol="HTTP/1.1" redirectPort="443"/>
<Connector SSLEnabled="true" allowTrace="false" ciphers="SSL_DSS_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA" clientAuth="false" connectionTimeout="20000" keystoreFile="certs/wibjphoenixtv.pfx" keystorePass="Huawei@123" keystoreType="PKCS12" maxKeepAliveRequests="200" maxPostSize="10240" maxThreads="500" port="9443" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true" sslEnabledProtocols="SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2" truststoreFile="certs/localhost.keystore" truststorePass="Huawei@123" truststoreType="JKS"/>
4. Login WI server as user gandalf, execute command below:
sudo service WIService restart

END