Set up HTTPS with an on-premise license server
This article describes how to set up an HTTPS connection between the on-premise Tricentis License Server, version 1.1.0 to 2.1.0 (released independently of Tosca Commander/Tosca Server) and Tosca Commander. It applies to both online and offline servers.
For information on how to set up an HTTPS connection with a License Server version 3.0.1 or higher, see this Tricentis Knowledge Base article.
For information on how to set up an HTTPS connection with an older License Server that is part of the Tosca Server installation, see this Tricentis Knowledge Base article.
When issuing the SSL-Certificate make sure that the value for "Issued to" is the same as your actual license server name/address.
To set up the connection, follow the steps below:
- Export your SSL-Certificate from IIS-Manager > Server Certificates.
- Enter the following: the path where you want to save the certificate, a name (as part of the Export to path), and a password.
--> You can export your certificate to any folder. Tricentis recommends that you use the default License Server directory: C:\Program Files\TRICENTIS\Tricentis License Server
--> Your password must have at least 6 characters and must not begin with a special character. Take note of the password; you will need it again later on.
- Open a command prompt with administrative privileges:
--> Change the directory to your Java Runtime Environment location:
C:\Program Files\TRICENTIS\Tricentis License Server\License Server\2017.8.0\jre1.8.0_191\bin
--> Convert your PFX file by typing the following string:
Tricentis recommends that you save the JKS file into the License Server directory (see string above). Replace <NameOfChoice> with the name of your PFX file.
- Confirm with Enter.
- Enter a password for the PFX file and set a password for the keystore .jks file.
This password must be the same as the password you set for the certificate in step 2.
You should now have a *.pfx and a *.jks in your license server folder.
- Open a command prompt with administrative privileges and go to C:\Program Files\TRICENTIS\Tricentis License Server\License Server\2017.8.0\License Server Deployment\flexnetls-x64_windows-2017.08.0\server.
- Stop the license server by entering flexnetls.bat -stop.
- In Windows Explorer, navigate to C:\Program Files\TRICENTIS\Tricentis License Server\License Server\2017.8.0\License Server Deployment\flexnetls-x64_windows-2017.08.0\server.
- Open the file flexnetls.settings and change the PORT to 0:
- The directory also contains the file local-configuration.yaml. Perform the following edits:
--> Put the value of https-in-enabled to true.
--> The default port is 1443. You can enter a different port, if needed.
--> Enter the path to your .jks file. Use double-backslashes instead of single backslashes.
--> Enter the keystore password you defined in step 5.
Update Flexera with another command prompt: flexnetls.bat -update
Restart Flexera with flexnetls.bat -start.
The service may take some minutes to become fully functional.
Now activate your licenses, either online or offline.
--> Use the same server name as you entered for your certificate (Issued To) with the prefix https://.
--> Use the port you chose during step 10 (the default port is 1443).