How to Enable HTTPS in the SapphireIMS Application

How to Enable HTTPS in the SapphireIMS Application | Stage 1

This "SapphireIMS How to Guide" explains the SOP to "Enable HTTPS in the SapphireIMS Application" with an SSL Certificate purchased from a Third Party which is a Certificate Authority (CA). Please note that this "SapphireIMS How to Guide" is applicable for the SapphireIMS Application with SapphireIMS Patch Level 4097 and above.

Step 1: Stop the "SapphireIMS" Service in the SapphireIMS Application Server.

Step 2: In the SapphireIMS Application Server, go to the path "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\standalone" and delete the "tmp" Folder.

Step 3: In the SapphireIMS Application Server, open Windows Command Prompt (Run as Administrator) and execute the Command: cd "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\JDK\bin" to set the Current Working Directory Path.

Step 4: In this Windows Command Prompt execute the Command: keytool -genkey -alias servercert -keyalg RSA -validity 730 -keystore server.keystore -dname cn=<Hostname>,o=<Organization Name>,ou=<Organization Name> -keypass servercert -storepass servercert after replacing the Variable "<Hostname>" with the "SapphireIMS Application Server Hostname" and the Variable "<Organization Name>" with the "Customer Company Name". This Command will create a File named "server.keystore" in the path "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\JDK\bin".

Step 5: Go to the path "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\JDK\bin", copy the "server.keystore" File and paste it in the path "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\standalone\configuration".

How to Enable HTTPS in the SapphireIMS Application | Stage 2

Step 1: In the SapphireIMS Application Server, go to the path "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\standalone\configuration", take backup of the "standalone.xml" File and open the "standalone.xml" File with "Notepad++".

Step 2: In the "standalone.xml" File, search for the Tag <security-realm name="ManagementRealm"> and replace the entire Text present between <security-realm name="ManagementRealm"> and </security-realm> Tags with the following Text:

<server-identities>
    <ssl>
        <keystore path="FileName.pfx" relative-to="jboss.server.config.dir" keystore-password="Password" alias="AliasName" key-password="Password"/>
    </ssl>
</server-identities>
<authentication>
    <truststore path="server.truststore" relative-to="jboss.server.config.dir" keystore-password="Password" />
    <local default-user="$local"/>
    <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
</authentication> Step 2 Image
Step 3: In the "standalone.xml" File, search for the Text http-listener present under the Tag <subsystem xmlns="urn:jboss:domain:undertow:5.0"> and add the Line <https-listener name="https" socket-binding="https" security-realm="ManagementRealm" max-post-size="2147483648" max-parameters="10000" /> as shown in the below Image: Step 3 Image
Step 4: In the "standalone.xml" File, search for the Text socket-binding-group and change the HTTPS Port (Default HTTPS Port is 443) in the Line <socket-binding name="https" port="8443"/> as shown in the below Image: Step 4 Image
Step 5: Save the "standalone.xml" File.

How to Enable HTTPS in the SapphireIMS Application | Stage 3

Step 1: Rename the SSL Certificate File provided by the Customer in PFX Format to "SSL.pfx".

Step 2: In the SapphireIMS Application Server, copy the "SSL.pfx" File and paste it in the paths "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\standalone\configuration" and "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\JDK\bin".

Step 3: In the SapphireIMS Application Server, open Windows Command Prompt (Run as Administrator) and execute the Command: cd "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\JDK\bin" to set the Current Working Directory Path.

Step 4: In this Windows Command Prompt execute the Command: keytool -list -keystore SSL.pfx and enter the "SSL Certificate Password" provided by the Customer. The "SSL Certificate Password" will not be visible on the Windows Command Prompt while entering the same. Press the "Enter" Button of the Keyboard after entering the "SSL Certificate Password".

Step 5: From the Output of this Command, copy the Text highlighted in "Red" color in the below Image and store the same for future usage: Step 5 Image
Step 6: In the SapphireIMS Application Server, go to the path "<SapphireIMS Application Installation Location>\SapphireIMS\WebManagement\standalone\configuration" and open the "standalone.xml" File with "Notepad++".

Step 7: In the "standalone.xml" File, search for the Tag <security-realm name="ManagementRealm"> and perform the following changes:

# Replace the Value of the Parameter "keystore path" with SSL.pfx
# Replace the Value of the Parameter "keystore-password" with the "SSL Certificate Password" provided by the Customer
# Replace the Value of the Parameter "alias" with the Text obtained from "Step 5"
# Replace the Value of the Parameter "key-password" with the "SSL Certificate Password" provided by the Customer

Note: There should not be any "Blank Space" or "Additional Character" while replacing the above Values. Step 7 Image
Step 8: Save the "standalone.xml" File.

How to Enable HTTPS in the SapphireIMS Application | Stage 4

Step 1: Start the "SapphireIMS" Service in the SapphireIMS Application Server.

Step 2: Open Internet Explorer, Google Chrome, or Mozilla Firefox Browser outside the SapphireIMS Application Server.

Step 3: Open the SapphireIMS Web Portal in the Browser through the URL https://<FQDN>/SapphireIMS or https://<Public IP Address>/SapphireIMS based on the SapphireIMS Application Server Hosting and the SSL Certificate File provided by the Customer.

Step 4: The SapphireIMS Web Portal Login Page should load successfully and the connection to the SapphireIMS Application Server should be shown as "Secure" in the Browser.

Step 5: Login to the SapphireIMS Web Portal.