Skip to content

Configure SSL Certificate

AIV application can be installed in local machine as well as on server machine. generally it is suggested to install aiv on the server machine for centralized access of application over the network. By doing so any user having access of aiv can access the application through browser over the network.

Objective

Objective of this document is to guide user on how to setup SSL certificate in AIV.

Prerequisites

  • SSL certificate for Tomcat server (it should be in .pfx file format).

  • Password file for SSL certificate.

If application is installed for personal use, you can install aiv in local machine and it will work for a single user.

But in other scenario, if there is requirement in an organization that any user within organization should access the application from browser, you need to provide SSL certificate for aiv. SSL certificate for tomcat server can be generated by IT department of organization.

In this document we will describe how to configure SSL certificate with aiv and in what format aiv accepts SSL certificate.

Steps to apply SSL certificate

Follow these steps once you have all prerequisite files ready and to link SSL certificate with aiv;

  1. Place all dependecy files mentioned in prerequisite in to (your_directory)/aiv/tomcat/conf folder.

  2. Inside this folder you will see server.xml file. open this file in to any text editor to make changes

  3. In server.xml file you will find SSLHostConfig property somewhere which is commented by default. refer below image for your reference,

    Image

  4. Un-comment this code snippet in this file and replace with property as gievn below;

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
	   maxThreads="150" scheme="https" secure="true"
	   clientAuth="false" sslProtocol="TLS"
           keystoreFile="conf/certificate_name.pfx"
		   keystoreType="PKCS12"
           keystorePass="certificate_password_hare" />

Field to be updated

In above property following fields need to be updated to apply your SSL certificate,

  • port: provide port number by which certificate is binded. (Generally this info is provided along with certificate by IT person)

  • keystoreFile: you will have .pfx file of your certificate in (your_directory)/aiv/tomcat/conf folder. just provide name of certificate provided to you in this property after conf/ path.

  • keystorePass: you will be provided a password for this certificate. write that password here

    Keep all other settings as it is as shown in above code snippet.

  1. Save this file and restart tomcat server to reflect the changes.

  2. Once server is started successfully, try to access aiv with domain name & port number provided in certificate from outside of the server machine.