Skip to main content
Skip table of contents

Configuring Cloudpaging SSL Certificates

Prerequisites

Customers must request and provide a valid SSL certificate as detailed on Importing custom SSL certificates for AppsAnywhere. Once the certificate and key have been provided they must be converted to .pfx format before they can then be applied to Cloudpaging.

Please refer to https://software2.atlassian.net/wiki/spaces/CS/pages/928842558 for the conversion steps.

Updating Cloudpaging Certificates

The cloudpaging.pfx should be copied and saved as a backup, then the file can be replaced with the new .PFX and the Cloudpaging service restarted.

If Cloudpaging is not using a Cloudpaging.pfx file, then it should be updated to use one following the above procedure.

Providing the customer uses health check load balancing there will be no outage. Otherwise, the customer should be notified that the service will be offline whilst the master (live) server is updated (approx 5 minutes).

To prevent an outage in the absence of health check load balancing, the secondary server should be updated first and verified. Once complete it should be switched in the load balancer to become the master (live) server. If manual switch over is required, it should be scheduled with the customer so the load balancer can be updated.

If there is only one server the service will be:

  • At risk from the start of the change for approx. 15 minutes

  • Offline for approx. 5 minutes whilst the service restarts

Rollback procedure

Windows

  1. Revert C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml

  2. Restart Cloudpaging server

Linux

  1. Revert /usr/local/ApplicationJukebox/core/conf/server.xml

  2. Restart Cloudpaging server

Procedure to apply the SSL certificate

Windows

  1. Connect to one Cloudpaging Admin Server

  2. Rename the <certificate>.pfx file to cloudpaging.pfx

  3. Copy Cloudpaging.pfx to the first Cloudpaging server and place it in C:\Program Files (x86)\Numecent\Application Jukebox Server

  4. Backup C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml

  5. Open Notepad with Administrative privileges and open the original server.xml

  6. Edit the keystoreFile="..." tag (see below), replacing the custom.keystore filename with cloudpaging.pfx

  7. Immediately after that entry add keystorePass="ThePassword" keystoreType="PKCS12" (with the correct password)

  8. Save server.xml

  9. Restart the Cloudpaging service https://software2.atlassian.net/wiki/spaces/CS/pages/3044769919

  10. Ensure the certificate is applied and Cloudpaging is functional

  11. Copy C:\Program Files (x86)\Numecent\Application Jukebox Server\core\conf\server.xml to the next Cloudpaging server

  12. Restart the Cloudpaging service

  13. Ensure the certificate is applied and Cloudpaging is functional locally

  14. Repeat steps 10-12 for the remaining Cloudpaging servers

Example line from server.xml

<Connector acceptCount="100" clientAuth="false" disableUploadTimeout="true" enableLookups="false" keystoreFile="C:\Program Files (x86)\Numecent\Application Jukebox Server\cloudpaging.pfx" keystorePass="password" keystoreType="PKCS12" maxHttpHeaderSize="32768" maxThreads="300" minSpareThreads="25" URIEncoding="UTF-8" port="443" SSLProtocol="TLSv1.2" SSLEnabled="true" scheme="https" secure="true"/>

Linux

  1. SSH into the server through WinSCP with credentials from 1password

  2. Rename the new <certificate>.pfx file to cloudpaging.pfx

  3. Copy Cloudpaging.pfx to the first Cloudpaging server and place it in

    CODE
    /usr/local/ApplicationJukebox/core/
  4. Backup server.xml

    CODE
    /usr/local/ApplicationJukebox/core/conf/server.xml
  5. Open Notepad with Administrative privileges and open the original server.xml

  6. Edit the keystoreFile="..." tag (see below), replacing the custom.keystore filename with cloudpaging.pfx

  7. Immediately after that entry add keystorePass="ThePassword" keystoreType="PKCS12" (with the correct password)

  8. Save server.xml

  9. Restart the Cloudpaging service https://software2.atlassian.net/wiki/spaces/CS/pages/3044769919

  10. Ensure the certificate is applied and Cloudpaging is functional

  11. Copy /usr/local/ApplicationJukebox/core/conf/server.xml to the next Cloudpaging server

  12. Restart the Cloudpaging service

  13. Ensure the certificate is applied and Cloudpaging is functional locally

  14. Repeat steps 10-12 for the remaining Cloudpaging servers

Example line from server.xml

<Connector acceptCount="100" clientAuth="false" disableUploadTimeout="true" enableLookups="false" keystoreFile="/usr/local/ApplicationJukebox/core/cloudpaging.pfx" keystorePass="password" keystoreType="PKCS12" maxHttpHeaderSize="32768" maxThreads="300" minSpareThreads="25" URIEncoding="UTF-8" port="443" SSLProtocol="TLSv1.2" SSLEnabled="true" scheme="https" secure="true"/>

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.