Enabling HTTP Over SSL In AEM 5.6.1 For Windows OS


Enabling HTTP over SSL in AEM 5.6.1 for Windows OS
Follow the below steps
Step: 1
Create SSL folder inside the AEM server folder which is parallel to the  crx-quickstart.jar file
For Example D:\CQ-5.6.1- software\latest-5.6.1 software\ssl\

Step: 2
Generate a self-signed certificate for public/private key pair-
-          Go to command prompt point to the SSL folder
For Example:
D:\CQ-5.6.1- software\latest-5.6.1 software\ssl\

Steps to be followed to create Keystore and CSR


Option1: Create a keystore with public/private key pair
D:\CQ-5.6.1- software\latest-5.6.1 software>ssl\keytool -genkeypair -keyalg RSA -keysize 2048 -validity 3650 -alias cqse -keystore cqkeystore.keystore -keypass S!n@t$!123  -storepass S!n@t$!123 -dname "CN=test.com, OU=test.com, O=test, L=Singapore, S=Singapore, C=SG"
Option2:  Generate CSR
D:\CQ-5.6.1- software\latest-5.6.1 software>ssl\keytool -certreq -alias "cqse" -keystore cqkeystore.keystore -file LCCertRequest.csr
Verify the generated keystore and csr certificate in the local file system where D:\CQ-5.6.1- software\latest-5.6.1 software\ssl folder


Step: 3
Login to the Author instance as Admin User
Step: 4
Open the OSGI/Felix console: http://localhost:4502/system/console/configMgr
Step: 5
Select Configuration options from OSGI tab


Step:6
 Select “Day CQSE HTTP Service” & open it.


Step: 7
Configure the HTTPS port, Keystore Absolute file path and keystore password

Step: 8
Where

  • Keystore: Path  of the key store file
D:\CQ-5.6.1- software\latest-5.6.1 software\publish\ssl\cqkeystore.keystore
  • Keystore Password:
S!n@t$!123 
  • Key password:
S!n@t$!123 
  • Enable HTTPS:
Select the check box
  • Https Port:
5443
  • Key Alias:
cqse
  • Client Certificate:
No client certificate
Finally click on save.
Step:9
Validate whether the HTTP and HTTPS port started in the error.log file

02.10.2014 18:46:35.409 *INFO* [CQSE HTTP Service] cqse-httpservice Started CQSE 4.x at port(s) HTTP:4502 HTTPS:5443 on context path /

Sanity Test for SSL in Author and Publishers
Launch the welcome console of author and Publishers:  https://localhost:5443/welcome.html
Note:
Follow the above mentioned steps from the point no 7 to configure HTTP over SSL in the Publishers as well
For Author Use HTTPS port : 5443
For Publisher Use HTTPS port : 8443
Use strong password
Increase the validity of certificate.


1 comment:

Subscribe to: Post Comments (Atom)