Prerequisites

Customers must request and provide a valid SSL certificate in .pfx format as detailed on SSL Certificates.

Procedure

  1. Connect to one Cloudpaging Admin Server

  2. Rename the <certificate>.pfx file to cloudpaging.pfx

  3. Copy Cloudpaging.pfx to the first Cloudpaging server and place it in C:\Program Files (x86)\Numecent\Application Jukebox Server

  4. Backup C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml

  5. Open Notepad with Administrative privileges and open the original server.xml

  6. Edit the keystoreFile="..." tag (see below), replacing the custom.keystore filename with cloudpaging.pfx

  7. Immediately after that entry add keystorePass="ThePassword" keystoreType="PKCS12" (with the correct password)

  8. Save server.xml

  9. Restart the Cloudpaging service

  10. Ensure the certificate is applied and Cloudpaging is functional

  11. Copy C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml to the next Cloudpaging server

  12. Restart the Cloudpaging service

  13. Ensure the certificate is applied and Cloudpaging is functional locally

  14. Repeat steps 10-12 for the remaining Cloudpaging servers

Example line from server.xml

<Connector acceptCount="100" clientAuth="false" disableUploadTimeout="true" enableLookups="false" keystoreFile="C:\Program Files (x86)\Numecent\Application Jukebox Server\cloudpaging.pfx" keystorePass="password" keystoreType="PKCS12" maxHttpHeaderSize="32768" maxThreads="300" minSpareThreads="25" URIEncoding="UTF-8" port="443" SSLProtocol="TLSv1.2" SSLEnabled="true" scheme="https" secure="true"/>

Updating Cloudpaging Certificates

The cloudpaging.pfx should be copied and saved as a backup, then the file can be replaced with the new .PFX and the Cloudpaging service restarted.

If Cloudpaging is not using a Cloudpaging.pfx file, then it should be updated to use one following the above procedure.

Providing the customer uses health check load balancing there will be no outage. Otherwise, the customer should be notified that the service will be offline whilst the master (live) server is updated (approx 5 minutes).

To prevent an outage in the absence of health check load balancing, the secondary server should be updated first and verified. Once complete it should be switched in the load balancer to become the master (live) server. If manual switch over is required, it should be scheduled with the customer so the load balancer can be updated.

If there is only one server the service will be:

  • At risk from the start of the change for approx. 15 minutes

  • Offline for approx. 5 minutes whilst the service restarts

Rollback

  1. Revert C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml

  2. Restart Cloudpaging server