Quickmenu
HTTPs support in MyConnection Server (MCS) requires version MCS 10.1a or above
As a best practice this tutorial documents 4 steps to create the MCS certificate file using the Windows platform. The certificate file can be transferred and used with MCS on both Linux and Windows platforms.
We recommend performing these steps on Windows even if MCS is installed on Linux.
Passwords used throughout the process must match and only contain letters and numbers, no special characters.
The 4 steps to enabling HTTPs/SSL in MCS are as follows:
Notes:
Passwords used throughout the process must match and only contain letters and numbers, no special characters.
Files created during the certificate build steps have been color coded for clarity of use.
Support. If you need help with the SSL certificate application process review the troubleshooting section or send us an email us.
A valid SSL certificate provided by the issuing certificate authority is required for this step. The certificate must consist of 2 files, example yourdomain.com.crt and intermediateCA.crt.
NOTE: Some certificate providers will provide a .PEM file option, for example yourdomain.com.pem. If you have a .PEM file then skip to Step 2.
The two certificate (.crt) files need to be combined together to create a single file as follows:
This step requires the OpenSSL package for Windows (Note: Scroll down to the Download Win32 OpenSSL section for download links. This is a third party OpenSSL resource that we've found the most reliable but is subject to change) in order to convert the combined certificate file to the OpenSSL PKCS file format.
CRT method: openssl pkcs12 -export -inkey yourdomain.com.key -in certs.txt -out certs.pkcs12 (see example below).
PEM method: openssl pkcs12 -export -inkey yourdomain.com.key -in yourdomain.com.pem -out certs.pkcs12
This step requires the Oracle Java keytool utility.
V:\SSL Certs>keytool -importkeystore -srckeystore certs.pkcs12 -srcstoretype PKCS12 -destkeystore certs.jks -deststoretype JKS
Enter destination keystore password:
Re-enter new password:
Enter source keystore password:
Entry for alias 1 successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
MCS should be stopped and restarted to enable the SSL certificate. If a restart does not enable HTTPS then there may be an issue with the cert or JKS, please review the troubleshooting section below.
Once enabled, only HTTPs traffic will be authorized and any user login requests initiated over HTTP will be automatically redirected to HTTPS. Note, port 80 is still required for redirects and support of high performance MCS hardware and software satellites which will continue to be authorized to ensure test accuracy.
The first step to detecting the JDK type installed is to run the command below.
java --version
If this does not explicity state EA or RC then check the package manager.
Debian/Ubuntu:apt list --installed | grep openjdk
Red Hat/Fedora:dnf list installed | grep java
Arch Linux:pacman -Q | grep jdk
Some Java distributions (like OpenJDK) store version details in /usr/lib/jvm/
ls -l /usr/lib/jvm/