For those with command line phobia you should be able to do the same thing with one of these tools
Consider a free certificate (not self-signed) as an alternative to not using SSL.
0) Quick GoDaddy example
Before an HTTPS connection is created it is recommended to create a backup of the multiserver.conf file, located within the install directory, inside the "cfg" directory.
Add keytool to your path if it's not already:
2) Generating an X509 Certificate and Keystore
keytool -genkey -alias noodle.domain.tld -keysize 2048 -validity 365 -keyalg RSA -keystore noodle.keystore
The alias MUST be the domain name (this restriction permits the use of SSL SNI).
Once this command has been entered, the keytool will ask some questions regarding your company. Enter information as follows:
- Keystore Password: The first time you run this tool, it will create the keystore file protected by a password. You will need this password every time you access the keystore file.
- First and Last name: MUST be the domain name, for example intranet.company.com
- Name of organizational unit: This is not the company name, but may be an internal department, for example Marketing Department
- Name of your organization: Your company name, for example Vialect Inc
- City or location: For example, Windsor
- State or Province: For example, Ontario
- 2-Letter Country code: For example, CA
- Certificate password: This can be the same as the password for the keystore file
3) It is common but optional to get your Certificate Signed
Popular Certificate Authorities (CA) include Thawte, VeriSign, GoDaddy, and Network Solutions.
Make a certificate request:
keytool -certreq -sigalg SHA256withRSA -alias noodle.domain.tld -keystore noodle.keystore -file noodlecert.csr
You want to get your CSR signed for a "Tomcat" server. Contact your Signing Authority for help getting your CSR signed.
Importing root certificates:
keytool -import -alias carootcert -trustcacerts -file ca-root.crt -keystore noodle.keystore
Importing intermediate certificates if there are any:
keytool -import -alias intermediate -trustcacerts -file intermediate.crt -keystore noodle.keystore
Applying the Certificate Signature:
keytool -import -alias noodle.domain.tld -trustcacerts -file noodlecert.crt -keystore noodle.keystore
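A way to check the finished keystore before configuring the connection (an added example, not part of the original Noodle documentation): the shell function below reads `keytool -list -v` output and flags a private-key entry whose alias differs from the certificate CN, whose RSA key is under 2048 bits, or whose certificate is signed with MD5 or SHA-1. It assumes English keytool output; the names audit_listing and sample_entry and all sample values are constructed for illustration.

```shell
# Added example: audit English `keytool -list -v` output against this page's rules.
# Real use: keytool -list -v -keystore noodle.keystore | audit_listing
audit_listing() {
    awk '
    function report() {
        if (type != "PrivateKeyEntry") return   # skip CA and intermediate entries
        if (tolower(cn) != tolower(alias)) { print alias ": CN \"" cn "\" differs from alias"; bad = 1 }
        if (bits < 2048) { print alias ": " bits "-bit key, want 2048 or more"; bad = 1 }
        if (sig ~ /^(MD5|SHA1)with/) { print alias ": weak signature algorithm " sig; bad = 1 }
    }
    BEGIN { bad = 0 }
    /^Alias name: / { report(); alias = $3; type = cn = sig = ""; bits = 0; ncert = 0 }
    /^Entry type: / { type = $3 }
    /^Owner: /      { if (++ncert == 1) { cn = $0; sub(/^Owner: CN=/, "", cn); sub(/,.*/, "", cn) } }
    /^Signature algorithm name: /     { if (ncert == 1) sig = $4 }       # leaf certificate only
    /^Subject Public Key Algorithm: / { if (ncert == 1) bits = $5 + 0 }  # "2048-bit" -> 2048
    END { report(); exit bad }
    '
}

# Constructed sample listing (not from a real keystore). Args: alias type CN sigalg bits
sample_entry() {
cat <<EOF
Alias name: $1
Creation date: Jan 1, 2024
Entry type: $2
Certificate chain length: 1
Certificate[1]:
Owner: CN=$3, OU=Marketing Department, O=Vialect Inc, L=Windsor, ST=Ontario, C=CA
Issuer: CN=Example Test CA, O=Example, C=CA
Signature algorithm name: $4
Subject Public Key Algorithm: $5-bit RSA key
EOF
}

# Demo: an entry left on keytool's default alias "mykey" with a weak key and signature.
sample_entry mykey PrivateKeyEntry intranet.company.com MD5withRSA 1024 | audit_listing || echo "audit failed"
```

The function exits non-zero when any private-key entry fails a check, so it can gate a deployment script.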
4) Creating an HTTPS Connection using the Enhydra Console
The first step is to access the Enhydra console. This is located on the Noodle server on port 8001. Open a browser and type in either the URL or IP address followed by the port as follows:
http://192.168.0.101:8001 or http://intranet.mycompany.com:8001
You will now be prompted for a username and password. These will have been configured during the installation process. Once the username and password have been entered correctly, the console itself will open up. Click on the intranet application and then the Connections tab.
Any existing HTTPS connections must be removed from the list of connections in the Enhydra console.
Then click on the Create Connection button at the top-right of the connections section. This will open up a new window which will allow a new connection to be created. Click on the HTTPS radio button at the top of the window to expand the window to allow the new connection to be configured.
There are 3 settings to be altered:
- Client Authentication: This field should be set to false
- Key Store Location: This field should contain the path and filename for the keystore file created in step 2.
- Password: This field should contain the password for the keystore file.
Once the connection has been completed, ensure the new HTTPS connection is enabled. Click the Save State button on the left-hand menu.
The new connection has now been completed and Noodle can now be accessed using the HTTPS protocol. The new URL for your Noodle will be almost identical, except now it will be preceded by HTTPS, instead of the old HTTP, as follows:
5) Optional Redirect HTTP to HTTPS
Read how here.
7) Optional Use Strong encryption
Read how here.