Highlighted
Outstanding Contributor.
Outstanding Contributor.
191 views

How to change certificates for IDM 4.8 workflow engine port 8600

Jump to solution

Hi,

After setting up IDM 4.8 Identity Application on Windows 2016 Server, I'm facing an error trying to access new form workflow.

The certificate authority is not valid for the browser. 

The default certificate is issued by : Internet Widgits Pty Ltd

Thanks

Sylvain

 

Labels (1)
0 Likes
1 Solution

Accepted Solutions
Highlighted
Outstanding Contributor.
Outstanding Contributor.

Re: How to change certificates for IDM 4.8 workflow engine port 8600

Jump to solution

The new form workflow engine is using NGINX service.

The configuration file for HTTPS is :

C:\NetIQ\Common\Nginx\conf\Nginx.conf

 server {
        listen       $NOVL_NGINX_HTTPS_PORT$ ssl;
        server_name  $NOVL_SERVLET_HOSTNAME$;
       
        ssl on;
  ssl_protocols TLSv1.2;
        ssl_password_file $NOVL_NGINX_INSTALL_DIR$cert\pass.txt;  
        ssl_certificate $NOVL_NGINX_INSTALL_DIR$cert\ssl_nginx.crt;
        ssl_certificate_key $NOVL_NGINX_INSTALL_DIR$cert\ssl_nginx.key;
 
In order to put your own certificates, you must change the certifcates, for example with eDir certificates:
1) Create a new server certificate with iManager and export with the private key , like nginx.pfx
2) Extract cert and key from the pfx certificate (need openssl):
openssl pkcs12 -in nginx.pfx -nocerts -out nginx.key
openssl pkcs12 -in nginx.pfx -clcerts -nokeys -out nginx.cer
3) Then copy the files  and update the pass.txt , then restart nginx service.
 
Hope this will help.
Thx
Sylvain

View solution in original post

1 Reply
Highlighted
Outstanding Contributor.
Outstanding Contributor.

Re: How to change certificates for IDM 4.8 workflow engine port 8600

Jump to solution

The new form workflow engine is using NGINX service.

The configuration file for HTTPS is :

C:\NetIQ\Common\Nginx\conf\Nginx.conf

 server {
        listen       $NOVL_NGINX_HTTPS_PORT$ ssl;
        server_name  $NOVL_SERVLET_HOSTNAME$;
       
        ssl on;
  ssl_protocols TLSv1.2;
        ssl_password_file $NOVL_NGINX_INSTALL_DIR$cert\pass.txt;  
        ssl_certificate $NOVL_NGINX_INSTALL_DIR$cert\ssl_nginx.crt;
        ssl_certificate_key $NOVL_NGINX_INSTALL_DIR$cert\ssl_nginx.key;
 
In order to put your own certificates, you must change the certifcates, for example with eDir certificates:
1) Create a new server certificate with iManager and export with the private key , like nginx.pfx
2) Extract cert and key from the pfx certificate (need openssl):
openssl pkcs12 -in nginx.pfx -nocerts -out nginx.key
openssl pkcs12 -in nginx.pfx -clcerts -nokeys -out nginx.cer
3) Then copy the files  and update the pass.txt , then restart nginx service.
 
Hope this will help.
Thx
Sylvain

View solution in original post

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.