You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

By default, Teamwork Cloud, AuthServer and WebApp use a self-signed certificate that is provided with the build. However, for production environments, it is highly recommended to use a certificate signed by trusted certificate authorities (CA). The steps described on this page should be followed in order to replace the self-signed certificate with a CA certificate, providing that you already have a private key and a certificate signed by a trusted CA.

Changing the self-signed certificate to a CA certificate

To change the self-signed certificate to a CA certificate


  1. Update the keystore file with the new private/public key. The default keystore is located at <TWC_installation_directory>\configuration\keystore.p12. To do so, follow the steps:

    1. Create a PKCS 12 file with the OpenSSL tool. 

      openssl pkcs12 -export -in <public_key_name>.crt -inkey <private_key_name>.key -out keystore.p12
    2. Copy the keystore.p12 file to the <TWC_installation_directory>\configuration directory, replacing the default file with the new one.

      Note for Windows users

  2. Add the public certificate file to the <TWC_installation_directory>\AuthServer\config\truststore directory.

  3. Delete the truststore.jks file located at <TWC_installation_directory>\AuthServer\config\truststore.jks.

If the default configuration (file names, locations, passwords, aliases, etc.) is not changed, no additional steps are necessary. If, however, you are changing the default configuration, then you also need to update the relevant properties in the corresponding files, as described below.

Teamwork Cloud

Update the default values for the properties indicated below in the <TWC_installation_directory>\configuration\application.conf file if any of the applicable values were changed.

application.conf
https {
		# the file name of the certificate or the key store (should be a full path)
		file = "AuthServer/config/truststore/teamworkcloud.crt"
} 
application.conf
ssl {
		keystorePath = "configuration/keystore.p12"
		keystoreType = "pkcs12"
		keystorePassword = "nomagic"
		keyPassword = "nomagic"
}
application.conf
cassandra {
		enabled = false
		keystorePath = "configuration/keystore.p12"
		keystoreType = "pkcs12"
		keystorePassword = "nomagic"
		truststorePath = "configuration/keystore.p12"
		truststoreType = "pkcs12"
		truststorePassword = "nomagic"
}

AutherServer

Update the default values for the properties indicated below in the <TWC_installation_directory>\AuthServer\config\authserver.properties file if any of the applicable values were changed.

authserver.properties
server.ssl.key-store=../configuration/keystore.p12
server.ssl.key-store-type=PKCS12
server.ssl.key-store-password=nomagic
server.ssl.key-password=nomagic
server.ssl.key-alias=teamworkcloud

WebApp

Update the default values for the properties indicated below in the <TWC_installation_directory>\WebAppPlatform\conf\server.xml file if any of the applicable values were changed.

server.xml
<Certificate    certificateKeystoreFile="../configuration/keystore.p12" 
				certificateKeystorePassword="nomagic" 
				type="RSA" 
/>

All 3 services (Teamwork Cloud, Authserver, and Webapp) must be restarted once all of the configuration changes are completed.