SSL certificate installation - part 2

SSL certificate installation - part 2

Problem:  Need to create and add new wildcard SSL certificate to Unified Workspace server.


Prerequisite(s):
  • Completed part 1
  • Access to keystore password

Solution(s):  Below instructions will walk you through process of placing a new keystore on Unified Workspace servers.

Configuring new keystore file:
  1. Copy wildcard.jks file in stoneware\config directory
  2. Repeat for all Unified Workspace servers
  3. Go to webAdmin
  4. Go to Relay Admin
  5. Click on first relay object
  6. Enable SSL (if not already enabled)
  7. Change certificate source to wildcard.jks
  8. Click Save button
  9. Repeat steps 5-8 for each additional relay objects

Entering new keystore password*:
  1. Go to Server Administrator console for any dedicated relays (https://127.0.0.1:8090)
  2. Go to Services tab
  3. Right-click on relay service
  4. Click Properties
  5. Change Relay User password to keystore password 
    IMPORTANT - must be same password as used in part 1
  6. Click Save button
  7. Go Settings
  8. Shutdown service
  9. Repeat steps 1-8 for any additional relays
  10. Repeat steps 1-8 for any servers+relays
  11. Go to your directory server tools (AD/eDir/OpenLDAP/AD LDS)
  12. Find relayuser account (default location is stoneware OU)
  13. Reset the relayuser password to match the keystore password
    IMPORTANT - must be same password as used in part 1
  14. Configure relayuser account so password does not expire
  15. Start-up a server+relay
  16. Verify service has started up successfully
  17. Startup additional severs+relays
  18. Start-up additional dedicated relays
*If you have the current relayuser password documented, you can skip changing it in the directory and instead change keystore's and the keystore's keypair passwords to match what is already set in the directory.

Typically if you get any start-up error messages it's because the passwords have not been matched up correctly.  Highly recommended to copy-n-paste with a complicated password.


Reference(s):



keywords: 
keystore, SSL, java

    Can't find the KB

    Unable to find the KB to address your issue ?  

      • Recent Articles

      • Change Reset Password Button Text

        Change the text of the "Reset Password" button on the UW Login Page How to change the text of the Reset Password button on the Login Page. Login to webNetwork and open webAdmin on your Relay Central Server Expand Customization Center Expand Tenants ...

      • Remove Reset Password Button From Login Page

        Remove the Reset Password Button from the Login Page How to remove the Reset Password button from the Unified Workspace login page. Login to webNetwork and open webAdmin on your Relay Central Server Expand Customization Center Expand Tenants Expand ...

      • Lenovo Unified Workspace End-of-Life Questions and Answers

        As of January 31st 2024, Lenovo Unified Workspace (formerly Stoneware WebNetwork) is no longer supported. This means that we no longer provide licenses, downloads, updates, patches, or technical assistance for this product. If you have any questions ...

      • How do I determine my Unified Workspace license expiration date?

        The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...

      • Lenovo Unified Workspace 7.0.2.13 Released

        Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...

      • Related Articles

      • SSL certificate installation - part 1

        Problem: Need to create and add new wildcard SSL certificate to Unified Workspace server. Prerequisite(s): Download and install KeyStore Explorer tool on workstation Solution(s): Below instructions will walk you through process of creating a new ...

      • SSL Root Certificate causing issues with Slingshot

        Issue: When trying to run a Slingshot webApp on a workstation, the Slingshot utility gives the following error: Error: "Problem found with the Secure Sockets Layer(SSL) certificate sent by the server.  Please note that self-signed certificates cannot ...

      • How do I renew my SSL certificate?

        This process is in 3 basic parts.  1 - Create the Keystore  2 - Generate the CSR  3 - Import the cert  The documentation below has several methods to complete this process. The first is a how to use a free Java gui tool called Portecle, the second is ...

      • Convert PFX certificate to JKS keystore using KeyStore Explorer

        Issue: Can we import the wildcard SSL Certificate we already have on our IIS server(s)? Solution: Please see the following documentation on how to convert a PFX certificate, exported from an IIS server, to a Java JKS keystore. Once you have your new ...

      • DC won’t obtain SSL certificate automatically

        Customer installed Enterprise CA server in their AD forest and some Domain Controllers won’t pick up an SSL certificate.   The customer used LDP.exe to verify all of their DC to see if they had SSL enabled.  They found a DC that did not pick up an ...