I will be speaking at DNUG47ONLINE
My session is “Setting up Jitsi authentication and customization”. July 2 at 16.30.
You can find the agenda of all the sessions here
Use a SSL certificate for the Sametime Proxy – a very easy way
By default when you install Sametime Proxy 11 it will use self signed certificates. My peer HCL Ambassador Ales Lichtenberg has written a blog post, here, about how to use a CA issued certificate. In his article he uses the .pem format for the certificates; I found there is another way to do this using the pfx format for certificates.
Once you have the pfx file, and the relative password, is very easy to configure Tomcat to use it. Open the server.xml file in the sametimeproxy\conf directory, edit it and change the connector stanza from this:
<Connector
protocol=”org.apache.coyote.http11.Http11NioProtocol”
port=”8443″ maxThreads=”200″
scheme=”https” secure=”true” SSLEnabled=”true”
keystoreFile=”conf/stproxy.keystore” keystorePass=”samet1me”
clientAuth=”false” sslProtocol=”TLS”/>
to this
<Connector
protocol=”org.apache.coyote.http11.Http11NioProtocol”
port=”8443″ maxThreads=”200″
scheme=”https” secure=”true” SSLEnabled=”true”
keystoreFile=”YOURCERT.pfx” keystorePass=”YOURPASS” keystoretype=”PKCS12/”
clientAuth=”false” sslProtocol=”TLS”/>
Using certificate in pfx format makes the configuration much easier, as you see; there is no need to import anything, just modify the server.xml