39383: Adding an SSL certificate to a mobilEcho server

Translate to:

The mobilEcho server consists of two services, the mobilEcho File Server and the mobilEcho Client Management Server. If your server is only running the file server service, you only need the to add your SSL certificate to the Windows certificate store and bind it to the mobilEcho file server port. If you are also running Client Management Server, you will need to add the certificate to the web administrator console.

Adding a 3rd party issued SSL certificate to your mobilEcho file server

Install your certificate to your Windows certificate store.

  1. On the server, click Start, and then click Run.
  2. In the Open box, type mmc, and then click OK.
  3. On the File menu click Add/Remove snap-in.
  4. In the Add/Remove Snap-in dialog box, click Add.
  5. In the Add Standalone Snap-in dialog box, click Certificates, and then click Add.
  6. In the Certificates snap-in dialog box, click Computer account, and then click Next
  7. In the Select Computer dialog box, click Local computer: (the computer this console is running on), and then click Finish.
  8. In the Add Standalone Snap-in dialog box, click Close.
  9. In the Add/Remove Snap-in dialog box, click OK.
  10. In the left pane of the console, double-click Certificates (Local Computer).
  11. Right-click Personal, point to All Tasks, and then click Import.
  12. On the Welcome to the Certificate Import Wizard page, click Next.
  13. On the File to Import page, click Browse, locate your certificate file, and then clickNext.
  14. If the certificate has a password, type the password on the Password page, and then click Next.
  15. On the Certificate Store page, click Place all certificates in the following store, and then click Next.
  16. Click Finish, and then click OK to confirm that the import was successful.

Bind the certificate to the mobilEcho file server port Using the certificate management MMC plugin (certmgr.msc), open the certificate, then copy off its "thumbprint", e.g.: a8 13 a1 f4 d8 13 a1 f4 a8 13 a1 f4 d8 fd a4 a8 13 a1 f4 d8 Then, you must bind the certificate to mobilEcho's HTTPS port (443 in the following example). On Windows Server 2003, the command is:

httpcfg set ssl -i [ip address]:443 -h [thumbprint without spaces]

For example:

httpcfg set ssl -i 10.10.2.1:443 -h a813a1f4d813a1f4a813a1f4d8fda4a813a1f4d8

On Windows Server 2008 or Windows Vista, the command is

netsh http add sslcert ipport=[ip address]:443 certhash=[thumbprint without spaces] appid={72876EC6-D443-48ef-ADD3-FA7A0CBC4762} certstorename=MY

For example:

netsh http add sslcert ipport=10.10.2.1:443 certhash=a813a1f4d813a1f4a813a1f4d8fda4a813a1f4d8 appid={72876EC6-D443-48ef-ADD3-FA7A0CBC4762} certstorename=MY

The certificate should now be bound to the port.

Adding a 3rd party issued SSL certificate to your mobilEcho Client Management Administrator web interface

Navigate to the mobilEcho Server program folder. The default location is: C:\Program Files (x86)\Group Logic\mobilEcho Server Enter the ManagementUI folder and open the mobilEcho_manager.cfg file a text editor application. If your default language includes Unicode characters, be sure that your text editor is UTF-8 compatible and saves the config file in UTF-8 format.

Edit these three values in the config file:

HTTPS_USE_AUTOGENERATED_CERTS This setting defaults to true. When set to true mobilEcho will generate a self-signed SSL certificate. This will allow network access to the mobilEcho Client Management web UI to be encrypted, but will produce a warning in most web browsers. If you would like to obtain, or already have, a third-party issued SSL certificate for this server, you can change this setting to false and enter the paths to your key and certificate in the related settings below.

HTTPS_KEY Enter the path on disk to your certificate's key.

HTTPS_CERT Enter the path on disk to your certificate. Once these values have been set, save the config file. In order for the settings to take effect, you will need to restart the mobilEcho Management service from the Windows Services control panel.

Tags: 

You are reporting a typo in the following text:
Simply click the "Send typo report" button to complete the report. You can also include a comment.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
2 + 5 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.