In this article, we explain how to set up the HTTPS protocol for a Newired Portal installed on a Windows Server.
By default, Newired portal runs on HTTP protocol.
If the target application has the same protocol, you don't need to read this article.
If the target application runs on HTTPS, you need Newired portal to run on HTTPS as well, in order for it to communicate properly with the target application.
In this article, we will set up HTTPS by creating a self-signed certificate. It will allow you to use the HTTPS protocol., but internet browser will mark the connection as unsafe. We suggest you use this method if the Portal is only accessed internally in the company.
If you need another kind of solution, please contact your IT department.
HTTPS is essentially made of two protocols: HTTP and SSL. Because your tomcat runs on HTTP, we need to get the SSL to proceed.
SSL is a protocol that manages encryption and decryption of transmitted data. It is used for security purposes. Let’s go through the process for setting it up.
Creating the keystore
- Run the command prompt as an administrator.
- Type cd <NEWIRED FOLDER>/jre/bin.
By default, <NEWIRED FOLDER> corresponds to C:/NewiredFolderName and by opening the command prompt I initially get to C:\WINDOWS\system32, so I would need to type "cd ..\..\" (in order to get back to C:\), and then "cd Newired\jre\bin".
- Now, you need to generate a password protected file called keystore. To do that, type keytool -genkey -alias <YOUR ALIAS> -keyalg RSA -keystore "<TOMCAT FOLDER>\conf\keystorename.keystore" and then press Enter.
- Now fill with attention all the fields you are asked to compile, then you should have created a keystore that you can find at the path you have specified in the keytool command. You can see the expected outcome in the image below.
Creating the Certificate Signing Request (SELF SIGNED)
- In the console, type keytool -certreq -keyalg RSA -alias <YOUR ALIAS> -file <CERTIFICATE NAME>.csr -keystore "<TOMCAT FOLDER>\conf\keystorename.keystore"
Configuring Tomcat to use SSL
The next step is to configure the Tomcat, in order for it to use the SSL protocol. Let’s proceed with the order.
Adding the connector
- In <tomcat folder>/conf, open the file called server.xml with a text editor (e.g. Notepad, VS Code, Notepad++)
- Search for the used and uncommented connector, as shown in the image below:
- Under it, paste this code:
scheme="https" secure="true" SSLEnabled="true"
clinetAuth="false" keyAlias="<YOUR ALIAS>"
- You can see the pasted code in the image below
Setting up SSL usage criteria
- In <tomcat folder>/conf, open the file called web.xml with a text editor (e.g. Notepad, VS Code, Notepad++)
- Insert the following code in the file:
The orange coloured text is optional, so you can leave it as it is.
You can see the pasted code in the image below
Restarting the server
- In the command prompt you opened earlier, type net stop “Newired Portal”, then press Enter and wait until the command is fully executed
- Now, type net start “Newired Portal”, then press Enter and wait until the command is fully executed, to restart the Portal with the changes you made applied
To test if the HTTPS protocol works fine, just navigate to https://your.server.com:8443/newired/. If the page loads, HTTPS is correctly set up.