SSL certificate installation - part 2

SSL certificate installation - part 2

Problem:  Need to create and add new wildcard SSL certificate to Unified Workspace server.


Prerequisite(s):
  • Completed part 1
  • Access to keystore password

Solution(s):  Below instructions will walk you through process of placing a new keystore on Unified Workspace servers.

Configuring new keystore file:
  1. Copy wildcard.jks file in stoneware\config directory
  2. Repeat for all Unified Workspace servers
  3. Go to webAdmin
  4. Go to Relay Admin
  5. Click on first relay object
  6. Enable SSL (if not already enabled)
  7. Change certificate source to wildcard.jks
  8. Click Save button
  9. Repeat steps 5-8 for each additional relay objects

Entering new keystore password*:
  1. Go to Server Administrator console for any dedicated relays (https://127.0.0.1:8090)
  2. Go to Services tab
  3. Right-click on relay service
  4. Click Properties
  5. Change Relay User password to keystore password 
    IMPORTANT - must be same password as used in part 1
  6. Click Save button
  7. Go Settings
  8. Shutdown service
  9. Repeat steps 1-8 for any additional relays
  10. Repeat steps 1-8 for any servers+relays
  11. Go to your directory server tools (AD/eDir/OpenLDAP/AD LDS)
  12. Find relayuser account (default location is stoneware OU)
  13. Reset the relayuser password to match the keystore password
    IMPORTANT - must be same password as used in part 1
  14. Configure relayuser account so password does not expire
  15. Start-up a server+relay
  16. Verify service has started up successfully
  17. Startup additional severs+relays
  18. Start-up additional dedicated relays
*If you have the current relayuser password documented, you can skip changing it in the directory and instead change keystore's and the keystore's keypair passwords to match what is already set in the directory.

Typically if you get any start-up error messages it's because the passwords have not been matched up correctly.  Highly recommended to copy-n-paste with a complicated password.


Reference(s):



keywords: 
keystore, SSL, java

    Can't find the KB

    Unable to find the KB to address your issue ?  

      • Recent Articles

      • Lenovo Unified Workspace End-of-Life Questions and Answers

        Will the shutdown of LUW servers and access to downloads affect my server licensing? No, the shutdown of the customer servers and access to the product and licensing downloads will not affect your server licensing. This license is downloaded and ...

      • How do I determine my Unified Workspace license expiration date?

        The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...

      • Lenovo Unified Workspace 7.0.2.13 Released

        Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...

      • LanSchool Documentation Guides

        LanSchool Classic Teacher Console The LanSchool Teacher Console is the interface teachers will use to manage their classroom and students. It contains all the tools necessary for a teacher to effectively interact with students and create a ...

      • Lenovo Unified Workspace 7.0.1.41 Released

        Highlights of Unified Workspace 7.0.1.41 Before you install: Please view the installation notes here. 7.0.1.41 requires a 7.0 license file. Below is a list of enhancements and fixes for Unified Workspace 7.0.1.41 Updated Log4j Updated Java Updated ...

      • Related Articles

      • SSL certificate installation - part 1

        Problem: Need to create and add new wildcard SSL certificate to Unified Workspace server. Prerequisite(s): Download and install KeyStore Explorer tool on workstation Solution(s): Below instructions will walk you through process of creating a new ...

      • Our SSL cert is expiring on our UW servers, can Lenovo Software help us renew that certificate?

        Issue SSL Certificate is expiring/expired on customer's Unified Workspace (formerly webNetwork) server(s). Solution Lenovo Software Support can assist you with renewing the SSL Certificate on your UW servers.  The only downtime required will be a ...

      • SSL Root Certificate causing issues with Slingshot

        Issue: When trying to run a Slingshot webApp on a workstation, the Slingshot utility gives the following error: Error: "Problem found with the Secure Sockets Layer(SSL) certificate sent by the server.  Please note that self-signed certificates cannot ...

      • How do I renew my SSL certificate?

        This process is in 3 basic parts.  1 - Create the Keystore  2 - Generate the CSR  3 - Import the cert  The documentation below has several methods to complete this process. The first is a how to use a free Java gui tool called Portecle, the second is ...

      • Convert PFX certificate to JKS keystore using KeyStore Explorer

        Issue: Can we import the wildcard SSL Certificate we already have on our IIS server(s)? Solution: Please see the following documentation on how to convert a PFX certificate, exported from an IIS server, to a Java JKS keystore. Once you have your new ...