How to change certificates for IDM 4.8 workflow engine port 8600

Hi,

After setting up IDM 4.8 Identity Application on Windows 2016 Server, I'm facing an error trying to access new form workflow.

The certificate authority is not valid for the browser. 

The default certificate is issued by : Internet Widgits Pty Ltd

Thanks

Sylvain

 

Parents
  • Verified Answer

    The new form workflow engine is using NGINX service.

    The configuration file for HTTPS is :

    C:\NetIQ\Common\Nginx\conf\Nginx.conf

     server {
            listen       $NOVL_NGINX_HTTPS_PORT$ ssl;
            server_name  $NOVL_SERVLET_HOSTNAME$;
           
            ssl on;
      ssl_protocols TLSv1.2;
            ssl_password_file $NOVL_NGINX_INSTALL_DIR$cert\pass.txt;  
            ssl_certificate $NOVL_NGINX_INSTALL_DIR$cert\ssl_nginx.crt;
            ssl_certificate_key $NOVL_NGINX_INSTALL_DIR$cert\ssl_nginx.key;
     
    In order to put your own certificates, you must change the certifcates, for example with eDir certificates:
    1) Create a new server certificate with iManager and export with the private key , like nginx.pfx
    2) Extract cert and key from the pfx certificate (need openssl):
    openssl pkcs12 -in nginx.pfx -nocerts -out nginx.key
    openssl pkcs12 -in nginx.pfx -clcerts -nokeys -out nginx.cer
    3) Then copy the files  and update the pass.txt , then restart nginx service.
     
    Hope this will help.
    Thx
    Sylvain
Reply
  • Verified Answer

    The new form workflow engine is using NGINX service.

    The configuration file for HTTPS is :

    C:\NetIQ\Common\Nginx\conf\Nginx.conf

     server {
            listen       $NOVL_NGINX_HTTPS_PORT$ ssl;
            server_name  $NOVL_SERVLET_HOSTNAME$;
           
            ssl on;
      ssl_protocols TLSv1.2;
            ssl_password_file $NOVL_NGINX_INSTALL_DIR$cert\pass.txt;  
            ssl_certificate $NOVL_NGINX_INSTALL_DIR$cert\ssl_nginx.crt;
            ssl_certificate_key $NOVL_NGINX_INSTALL_DIR$cert\ssl_nginx.key;
     
    In order to put your own certificates, you must change the certifcates, for example with eDir certificates:
    1) Create a new server certificate with iManager and export with the private key , like nginx.pfx
    2) Extract cert and key from the pfx certificate (need openssl):
    openssl pkcs12 -in nginx.pfx -nocerts -out nginx.key
    openssl pkcs12 -in nginx.pfx -clcerts -nokeys -out nginx.cer
    3) Then copy the files  and update the pass.txt , then restart nginx service.
     
    Hope this will help.
    Thx
    Sylvain
Children
No Data