Installing an SSL certificate for HTTPS access
Overview
The Verba Recording System comes with a preconfigured HTTPS port for web access and HTTP access can be turned off.
In order to avoid HTTPS related security warnings when your end-users access the Verba web application you need to install an SSL certificate.
Steps
Here are the steps to import your SSL certificate (the steps below assume that you have installed the product in the default folder):
Step 1Â - Copy the new .key and .crt files to the Verba Media Repository server.
Step 2 -Â Create a backup of C:\Program Files\Verba\tomcat\conf\server.xml
Step 3Â -Â Open the server.xml file with an editor
The SSL configuration is around the 100th line and looks something like this:
<Connector SSLEnabled="true" port="443" protocol="org.apache.coyote.http11.Http11AprProtocol" clientAuth="false" scheme="https" secure="true" SSLCertificateFile="c:\Verba.crt" SSLCertificateKeyFile="c:\Verba.key" SSLPassword="verba123456" SSLCipherSuite="RC4-MD5:RC4-SHA:AES128-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA:DHE-DSS-DES-CBC3-SHA" SSLProtocol="SSLv3+TLSv1" URIEncoding="UTF-8" maxHttpHeaderSize="16384" />
Â
Change the SSLCertificateFile="c:\Verba.crt" to the new .crt file
Change the SSLCertificateKeyFile="c:\Verba.key" to the new .key file
Change SSLPassword="Verba123456" to the private key's password.
Optionally add an SSLCertificateChainFile setting, and specify the intermediate certificate file.
Step 4Â - Restart Verba Web Application Service
Creating .key and .crt files from .p12 or .pfx file
Step 1 - Download the OpenSSL from here:Â http://indy.fulgan.com/SSL/openssl-0.9.8r-i386-win32-rev2.zip
Step 2 - Extract the downloaded .zip file and start the openssl.exe
Step 3 - Execute the following commands:
pkcs12 -in yourP12File.p12 -nocerts -out privateKey.pem pkcs12 -in yourP12File.p12 -clcerts -nokeys -out publicCert.pem
pkcs12 -in yourPfxFile.pfx -nocerts -out privateKey.pem pkcs12 -in yourPfxFile.pfx -out publicCert.pem x509 -inform pem -in publicCert.pem -pubkey -out publicCert.pem -outform pem
When it asks for password enter the password of the certificate
 Step 4 - Change the created privateKey.pem to .key and publicCert.pem to .crt