SSL CERTIFICATE TO PKCS12 BUNDLE
- Generate the CSR within a Microsoft IIS instance.
- Import the resultant SSL certificate into the IIS instance.
- Export as *.p12.
- Note that UTS does not currently support "blank" passwords nor passwords containing exclamation points ( ! ) for keystore bundles.
UPDATING THE KEYSTORE
Windows |
C:\Program Files\Extensis\Universal Type Server\applications\jboss\standalone\configuration\uts.keystore |
OSX |
/Applications/Extensis/Universal Type Server/applications/jboss/standalone/configuration/uts.keystore |
- Navigate to the sub-folder listed above and then rename the existing uts.keystore to uts.keystore.original
- Rename the PKCS12 bundle ( e.g. fonts.example.com.p12 ) to uts.keystore and then copy to the operating system specific sub-folder listed above.
CONFIGURING THE KEYSTORE PASSWORD
Windows |
C:\Program Files\Extensis\Universal Type Server\applications\jboss\standalone\configuration\standalone.xml |
Windows |
C:\Program Files\Extensis\Universal Type Server\applications\jboss\analytics\configuration\standalone.xml |
OSX |
/Applications/Extensis/Universal Type Server/applications/jboss/standalone/configuration/standalone.xml |
OSX |
/Applications/Extensis/Universal Type Server/applications/jboss/analytics/configuration/standalone.xml |
- Within both the standalone and analytics standalone.xml configuration files , locate the entry matching keystore-password="uts_ssl" and then change the uts_ssl value to the password used when creating the PCKS12 bundle.
ENABLING THE HTTP REDIRECT
Windows |
C:\Program Files\Extensis\Universal Type Server\applications\jboss\standalone\deployments\uts.ear\uts.war\WEB-INF\web.xml |
OSX |
/Applications/Extensis/Universal Type Server/applications/jboss/standalone/deployments/uts.ear/uts.war/WEB-INF/web.xml |
- Within the web.xml file locate the <transport-guarantee>NONE</transport-guarantee> entry and then change NONE to CONFIDENTIAL so that the transport-guarantee entry appears as follows :
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
Windows |
C:\Program Files\Extensis\Universal Type Server\applications\jboss\standalone\configuration\standalone.xml |
OSX |
/Applications/Extensis/Universal Type Server/applications/jboss/standalone/configuration/standalone.xml |
2. Within the standalone.xml file locate the <server name="default-server"> entry , and then add redirect-socket="https" immediately beneath the socket-binding="http" sub-entry so that the entry appears as follows :
<server name="default-server">
<http-listener name="http"
max-post-size="2147483648"
socket-binding="http"
redirect-socket="https"
disallowed-methods="TRACE TRACK"
/>
3. Once the required Keystore and HTTP Redirect modifications have been applied , initiate the changes via one of the following methods :
a. Restart Universal Type Server :
-
-
- STOP — Universal Type Server via the ( :18081 ) Admin Web interface ( Settings > System > Running State > Stopped ).
- START — Universal Type Server via the ( :18081 ) Admin Web interface ( Settings > System > Running State > Started ).
-
b. Reboot the server instance hosting Universal Type Server.
UPGRADING UNIVERSAL TYPE SERVER
- Note that when performing in-place upgrades of Universal Type Server , the UTS installer will not honor any existing Keystore and/or HTTP Redirect modifications that may have been previously applied. Prior to performing an in-place upgrade , it is recommended to copy both the keystore as well as the keystore-password= value contained within the standalone.xml file. This will ensure that post UTS upgrade , the Keystore and HTTP Redirect modifications can be quickly re-established using the steps outlined above.