Appendix C - Installing SSL Certificate for WMS
This appendix describes how to install SSL certificate for web map service (WMS).
If you are adding a HTTPs WMS URL which uses a SSL certificate that is not trusted by SSA server, you need to install the root certificate or any intermediate certificates for corresponding certificate authority in SSA trust store. SSA server by default makes use of default JDK trust store file cacerts found in JDK directory.
Perform the steps given below to import the certificates.
- Get a root/intermediately certificates from your certificate authority and save
it. For example, you can save it as
Example_SSL_CA_G2.cer
. - Backup
cacerts
keystore file in%JAVA_HOME%/jre/lib/security
. - Open a Command prompt as administrator.
- Import certificate into
cacerts
. Now, execute below command after replacing the values in <>:"%JAVA_HOME%/bin/keytool" -import -alias <alias_for_CA_certificate> -keystore <path_to_cacerts> -trustcacerts -file <path_to_root_certificate>
A sample command looks like:
"%JAVA_HOME%/bin/keytool" -import -alias Example_SSL_CA_G2 -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -trustcacerts -file "F:/SSL/Example_SSL_CA_G2.cer"
- Enter the password as
changeit
. - A success message is displayed after you press Enter key - "Certificate was added to keystore”.
- Restart AnalystConnect and AnalystAdmin services for SSA server.
- Now, add the WMS map to SSA map config.