Configuring Cloudpaging SSL Certificates
Prerequisites
Customers must request and provide a valid SSL certificate in .pfx format as detailed on SSL Certificates.
Procedure
Connect to one Cloudpaging Admin Server
Rename the <certificate>.pfx file to cloudpaging.pfx
Copy Cloudpaging.pfx to the first Cloudpaging server and place it in
C:\Program Files (x86)\Numecent\Application Jukebox Server
Backup
C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml
Open Notepad with Administrative privileges and open the original server.xml
Edit the keystoreFile="..." tag (see below), replacing the custom.keystore filename with cloudpaging.pfx
Immediately after that entry add
keystorePass="ThePassword" keystoreType="PKCS12"
(with the correct password)Save server.xml
Restart the Cloudpaging service
Ensure the certificate is applied and Cloudpaging is functional
Copy
C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml
to the next Cloudpaging serverRestart the Cloudpaging service
Ensure the certificate is applied and Cloudpaging is functional locally
Repeat steps 10-12 for the remaining Cloudpaging servers
Example line from server.xml
<Connector acceptCount="100" clientAuth="false" disableUploadTimeout="true" enableLookups="false" keystoreFile="C:\Program Files (x86)\Numecent\Application Jukebox Server\cloudpaging.pfx" keystorePass="password" keystoreType="PKCS12" maxHttpHeaderSize="32768" maxThreads="300" minSpareThreads="25" URIEncoding="UTF-8" port="443" SSLProtocol="TLSv1.2" SSLEnabled="true" scheme="https" secure="true"/>
Updating Cloudpaging Certificates
The cloudpaging.pfx should be copied and saved as a backup, then the file can be replaced with the new .PFX and the Cloudpaging service restarted.
If Cloudpaging is not using a Cloudpaging.pfx file, then it should be updated to use one following the above procedure.
Providing the customer uses health check load balancing there will be no outage. Otherwise, the customer should be notified that the service will be offline whilst the master (live) server is updated (approx 5 minutes).
To prevent an outage in the absence of health check load balancing, the secondary server should be updated first and verified. Once complete it should be switched in the load balancer to become the master (live) server. If manual switch over is required, it should be scheduled with the customer so the load balancer can be updated.
If there is only one server the service will be:
At risk from the start of the change for approx. 15 minutes
Offline for approx. 5 minutes whilst the service restarts
Rollback
Revert
C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml
Restart Cloudpaging server