Security configurationEnable SSL in Transact

Enable SSL in Transact

To enable SSL in Transact, do the following:

  1. Run the following batch file:

    <Transact Folder>\Apache2.2\installandstart.bat

  2. If the server where you installed Transact is a VMWare host, do the following:
    1. Change the port VMWare uses to share VMs from 443 to another port.

      SSL requires port 443.

    2. Stop VMWare services so you can install and start the Transact web service.
    3. If the server has the IIS (World Wide Web Publishing) Service running, stop it.
  3. Configure Transact to use the SSL certificates.
    1. Where you installed Transact, go to the \Application\WEB-INF\classes\META-INF\dcma-batch\ folder and open dcma-batch.properties.
    2. Modify batch.base_http_urlso the URL indicates https as in this example: 
      batch.base_http_url=https\://ServerName/dcma-batches
    3. Locate the certificate and key file:

      • <Transact Folder>\Apache2.2\conf\server.crt

      • <Transact Folder>\Apache2.2\conf\server.key

    4. If you are using your own SSL certificates, do either of the following:

      • Copy the certificate and key files into the <Transact Folder>\Apache2.2\conf\ folder and rename them server.crt and server.key.

      • Open <Transact Folder>\Apache2.2\conf\extra\httpd-ssl.conf. Locate and change the following lines to indicate the path and name of your certificate and key files. 

        SSLCertificateFile "C:\\Ephesoft\\Apache2.2/conf/server.crt"

SSLCertificateKeyFile "C:\\Ephesoft\\Apache2.2/conf/server.key"
    5. If you are also providing your own CA certificate, copy it into the <Transact Folder>\Apache2.2\conf\ folder and edit the following line in httpd-ssl.conf with the name of the CA bundle file. 
      SSLCACertificateFile "C:\\Ephesoft\\Apache2.2/conf/ca-bundle.crt"
  4. Restart the web service.
  5. Log in to Transact using the following URL:

    https://localhost/dcma/home.html

    Notice that you will use https instead of http, and you no longer have to specify a port. The browser connects to the site automatically through port 443.

  6. Update the shortcuts to the server for the changes to the URL. Change http: to https: and remove :8080 after the server name.

    The shortcuts are in this files:

    • <Transact Folder>\Ephesoft Admin Module

    • <Transact Folder>\Ephesoft Home

    • <Transact Folder>\Ephesoft

  7. Inform users of the URL change and have them update their bookmarks.
  8. Update the Transact database as follows:
    1. Go to the reports_folder table.
    2. In the host_uri_path column, enter the URL to your Transact server.

      Use this format https://<server name> with server_name as the host name, DNS name, or IP address.