I've configured the https port. I've created a self signed certificate using open ssl and when I test the url using the browser I get the trusted certficate pop up but after that the page goes into error.
How did you create your self sign your certificate? Follow the procedure in the walkthrough below.
Generate your certificates
Install the Certificate Toolkit by running the Webmethods Installer.
Follow the steps found in the CertificateToolkitUsersGuide.pdf or alternatively, follow this simple guide SSL Certificate Setup using WM CertificateToolKit .
You will need to generate a private key and a certificate signing request (CSR).
Sign your certificate
You can get a CA such as verisign to sign it. Or you can sign it yourself. Here's how:
- Download OpenSSL. I used http://www.slproweb.com/products/Win32OpenSSL.html
- Once you have installed it go to the OpenSSL bin directory.
- You'll need to configure the Root CA, you can do this by first deleting PEM directory and running the following commands:
- Now you can self sign the certificate. Note that you need to replace csr.pem with the CSR filename you created previously.
Note: To specify certificate's expiry date, add option -days <no_days_to_expire> at the end of this command below
Convert the Signed Certificate and CA root certficate to the DER format
Again, read CertificateToolkitUsersGuide.pdf. It will tell you how to convert a CRT to DER format.
You will need to convert ca.crt and cert.crt to DER format. ca.crt is the CA root certificate. cert.crt is the server certificate.
Copy the server private key, server certicate and CA root certifcate to the webmethods server.
If you're copying it to a UNIX server remember to set the transfer mode to binary.
You can copy the certificates anywhere under the IntegrationServer directory.
Config directory is a good place.
- CA Root - config/cas/ca.der
- Server Certificate - config/cert.der
- Server Private Key - config/privateKey.der (you generated this using the certificate toolkit in the very first step)
Add certificates to the server using the IS admin console
Refer to this document IntegrationServerAdminGuide.pdf
Or you can enter the details like so:
Create a Https Port
Again, refer to this document IntegrationServerAdminGuide.pdf.
In the diagram below, the port is using the certificate setup defined in the "Add certificates ..." step.
Test HTTPS Port
Ensure that your browser settings does not use a proxy.
Then try testing by invoking via URL: https://<Host>:<HTTPS_Port>