Jump to: navigation, search

Using HTTPS

UsersGuide.png Purpose: To configure UCS to use secure HTTPS connections.

Overview

This page describes using configiration options and the keytool utility to configure UCS to use secure HTTPS connections.

  • Keytool is a key and certificate management utility included in JDK or JRE installations. For instance, when you install Java Environment and Libraries for eServices and UCS, keytool is placed in the \jre\bin directory.
  • In release 8.1.0 and later, the options are located in new sections that you create on the Annex tab in Configuration Manager or the Advanced View (Annex) in Genesys Administrator.

Procedure

This procedure makes use of keytool, which is a key and certificate management utility included in JDK or JRE installations. For instance, when you install Java Environment and Libraries for eServices and UCS, keytool is placed in the \jre\bin directory.

  1. Generate a key-pair for the certificate. The following is an example command line:
    keytool -genkey -v -alias hostname.example.com 
    -dname "CN=hostname.example.com,OU=IT,O=ourcompany,C=FR" -keypass theKeyPassword 
    -keystore certificate.jks -storepass theKeystorePassword -keyalg "RSA" -sigalg "SHA1withRSA" 
    -keysize 2048 -validity 3650
    
  2. Set configuration options in your UCS Application object.
    1. Go to the Advanced View (Annex) in Genesys Administrator or the Annex tab in Configuration Manager.
    2. Create sections called http.tls.keystore and http.tls.key.
    3. Add options to the new sections, as described in the HTTPS section of the Security and Authentication page.
  3. Export the certificate from UCS. Following is an example command line:
    keytool -export -v -alias hostname.example.com -file certificate.cer 
    -keystore certificate.jks -storepass theKeystorePassword 
    
  4. Import the certificate on all clients of UCS. Following is an example command line:
    keytool -import -alias hostname.example.com -file certificate.cer 
    -keystore .keystore -storepass anotherPassword
    

Example

This screenshot shows UCS configured to listen on both HTTP and HTTPS ports.
OptionsHTTPS2.jpg

This page was last modified on November 23, 2017, at 06:14.

Feedback

Comment on this article:

blog comments powered by Disqus