IMPORTANT:
SSLing the bundled-in web server has changed with the Release of v6.8!
Access to this information is no longer public, it now requires Registered Access; please click here.
OLD legacy info:
In case you have to provide a CSR to generate your SSL certs:
Windows: C:\Program Files\Java\jre_installedversion\bin>.\keytool.exe -genkey -keyalg RSA -keysize 2048 -dname "cn=farmerswife.example.com, o=Farmers WIFE S.L., c=ES" -alias farmerswife.example.com -keystore keystore -keypass secret123 -storepass secret123 -validity 1095
Mac and Linux: keytool -genkey -keyalg RSA -keysize 2048 -dname "cn=farmerswife.example.com, o=Farmers WIFE S.L., c=ES" -alias farmerswife.example.com -keystore keystore -keypass secret123 -storepass secret123 -validity 1095
Note: validity here means from “today” up-to/including the day the certificate expires.
Now create a CA-request that you will later upload on your provider website:
Windows: C:\Program Files\Java\jre_installedversion\bin>.\keytool.exe -certreq -alias farmerswife.example.com -file farmerswife.example.com.txt -keypass secret123 -keystore keystore -storepass secret123
Mac and Linux: keytool.exe -certreq -alias farmerswife.example.com -file farmerswife.example.com.txt -keypass secret123 -keystore keystore -storepass secret123
Once done you will obtain a PEM that you need to rename to server.pem. This will be the server.pem you will use for the desktop client. Then import it to the keystore:
Windows: C:\Program Files\Java\jre_installedversion\bin>.\keytool.exe -keystore keystore -importcert -alias farmerswife.example.com -file server.pem -trustcacerts -keypass secret123 -storepass secret123
Mac and Linux: keytool.exe -keystore keystore -importcert -alias farmerswife.example.com -file server.pem -trustcacerts -keypass secret123 -storepass secret123
Now extract the private key as skey.pem to use it for the desktop client:
Windows: C:\Program Files\Java\jre_installedversion\bin>.\keytool.exe -v -importkeystore -srckeystore keystore -srcalias farmerswife.example.com -destkeystore skey.p12 -deststoretype PKCS12
Mac and Linux: keytool.exe -v -importkeystore -srckeystore keystore -srcalias farmerswife.example.com -destkeystore skey.p12 -deststoretype PKCS12
Then move the file skey.p12 to the following folder to execute the command:
Windows: C:\Program Files (x86)\farmerswife Server\lib\openssl\openssl.exe pkcs12 -in skey.p12 -nodes -nocerts -out skey.pem
Mac and Linux: openssl pkcs12 -in skey.p12 -nodes -nocerts -out skey.pem
And finally rename the already existing server.pem and skey.pem to server.pem.old and skey.pem.old. This way you can move server.pem and skey.pem to this folder:
Windows: C:\Program Files (x86)\farmerswife Server\html_templates\http_session\ssl_certs\
Mac and Linux: /path/to/your/farmerswife Server/html_templates/http_session/ssl_certs/
Depending on the certificate you apply you may need to also import the cacert file from your provider, so you just need to do the following before moving the certificates to their places:
Windows: C:\Program Files\Java\jre_installedversion\bin>.\keytool.exe -import -trustcacerts -keystore keystore -storepass secret123 -alias farmerswife.example.com -import -file providerCAcert.txt
Mac and Linux: keytool -import -trustcacerts -keystore keystore -storepass secret123 -alias farmerswife.example.com -import -file providerCAcert.txt
Use a third party proxy service to apply your SSL certificates
You can use a third party software for example F5, HAproxy or NGINX to use ports 80, 443 or the regular farmerswife server ports to apply your own SSL certificate. In case you prefer to use subdomains for proxying each service, for example ios.farmerswife.example.com or web.farmerswife.example.com, instead of just using the proxy for the regular ports, you need to change the setting for the file transfer port and click on the port field, then in the pop up click on the field “Proxy port” to add the proxied port, otherwise it won't work. Another reason is that with this set up you will not need to upgrade the clients manually.
To learn how to use the third party software NGINX to create a proxy server to the farmerswife system click on the link: click here