Submit a ticketCall us
Home > Success Center > Web Help Desk (WHD) > Export, import and upload the token-signing certificate

Export, import and upload the token-signing certificate

Overview

This article describes how to export, import, and upload the token-signing certificate from the Microsoft® Active Directory Federation Services (AD FS) 2.0 server.

AD FS is installed in the Microsoft Windows Server® operating system to provide users with sign-on access to Windows systems and applications

See the Microsoft TechNet website for more information about AD FS. 

Environment

  • All Web Help Desk versions
  • Web Help Desk servers running Windows Server 

Steps

  1. Export the token-signing certificate from the AD FS server.
  2. Import the certificate into the Web Help Desk trust store (cacerts).
  3. Upload the certificate into the Web Help Desk Admin Console. 

Export the token-signing certificate from the AD FS server

  1. Open AD FS 2.0 and navigate to Service > Certificates.
    Here, you will find the Token-signing certificate for your AD FS server that is used to authenticate your Security Assertion Markup Language (SAML) connection from Web Help Desk.
  2. Click the Token-signing certificate.
  3. In the Actions section, click View Certificate.
  4. Click the Details tab, click Copy to File, and then click Next.
  5. Select Base-64 encoded X.509 (.CER), and click Next.
  6. Click Browse, select a location, enter a file name,, and then click Save.

    Entering a new file name will not impact the setup.

  7. Click Next, and then click Finish.
  8. Copy the exported file to the Web Help Desk server. 

 

Import the certificate into the Web Help Desk trust store (cacerts)

  1. Stop Web Help Desk
  2. Open a Run dialog box and execute:
    C:\Program Files\WebHelpDesk\Portecle.bat
  3. Click File > Open Keystore file and navigate to:
    C:\Program Files\WebhelpDesk\bin\jre\lib\security
  4. Select All Files, select cacerts, and then click Open.
  5. Enter the following default password:
    changeit
    All common Certificate Authority (CA) certificates display in the file. 
  6. Select Tools > Import Trusted Certificates.
  7. Locate and select the exported file, and click Import.

    If the Import Trusted Certificate window displays, click OK.

    The exported certificate details display.

  8. Click OK, and then click Yes.
  9. Enter a certificate name alias that displays in the list of common CA certificates, and click OK.

    The certificate alias does not affect the setup.

  10. Click OK.
    The imported certificate displays in the list. 
  11. Select File > Save Keystore.
    If you cannot save the file and an error message displays:
    1. Open Portecle as an Administrator by navigating to the location of the Portecle.bat file.
    2. Right-click the file and select Run as Administrator.
  12. Start Web Help Desk

Upload the certificate into the Web Help Desk Admin Console

  1. Open a web browser and navigate to the Web Help Desk Admin Console.
  2. Log in to the console as an administrator.
  3. Click Setup > General > Authentication.
  4. Click the Authentication Method drop-down method and select SAML 2.0.
  5. Enter the sign-in page URL.
  6. Enter the Logout URL.
  7. Next to Verification certificate, click Upload. 
  8. Locate and select the exported file, and then click Open.
  9. Click Save when the certificate is uploaded.
Last modified
09:47, 13 Jul 2017

Tags

Classifications

Public