IDempiere SSL using Comodo Certificate

198 views
Skip to first unread message

zuhri...@gmail.com

unread,
Jan 15, 2023, 7:12:09 PM1/15/23
to iDempiere
Hi Community,

we are going to install SSL certificate for idempiere using comodo SSL. client give us the existing cert for the main domain and the SSL is support for wildcard. we gonna activate idempiere on subdomain ex. erp.company.com.

i read the guide on https://wiki.idempiere.org/en/Install_SSL_Certificate but need some confirmation before proceed the step. 

should i generate new keystore and create new cert based on new keystore. or i can jump to step to import the cert to the existing keystore?

thx for your feedback. i'm really appreciate it.

Best Regards
Zuhri

Surya Sentosa

unread,
Jan 15, 2023, 8:50:48 PM1/15/23
to idem...@googlegroups.com

Hi Zuhri,

 

Last time, I configured without generate new keystore, and it works fine. So far, I didn’t get any issue from that deployment. I don’t know maybe others have opinion, and looking forward to hear from others more advanced. 😊

 

Surya Sentosa

Business Development | Kosta Consulting

Cahaya Palmerah Building Suite 303

Palmerah Utara 3 Street No.9

West Jakarta, Indonesia, 11480

Phone +6281289895088

Office +6221 221 24384

--
You received this message because you are subscribed to the Google Groups "iDempiere" group.
To unsubscribe from this group and stop receiving emails from it, send an email to idempiere+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/idempiere/b6a828d8-5904-4199-89dc-ced7a540f266n%40googlegroups.com.

 

zuhri...@gmail.com

unread,
Jan 15, 2023, 9:27:50 PM1/15/23
to iDempiere
Hi Surya,

glad to hear that from you. still confuse with the keyword and command to integrate the ssl certificate. i'll try it.

Thanks

Mohamad Iqbal

unread,
Jan 16, 2023, 4:22:47 AM1/16/23
to iDempiere
I am using following commad :
keytool -import -trustcacerts -alias idempiere -file erp_id.crt -keystore keystore

zuhri...@gmail.com

unread,
Jan 16, 2023, 10:30:08 PM1/16/23
to iDempiere
hi,

so you only import the certificate file only? without the root.crt and intermediate.crt ? i have 3 certificates from comodo and import all the cert to existing keystore but when run idempiere-server, i cannot access to ssl port.

Mohamad Iqbal

unread,
Jan 16, 2023, 10:41:44 PM1/16/23
to iDempiere
For first installation, i use 3 scripts:

keytool -import -trustcacerts -alias USERTrust_RSA_Certification_Authority -file USERTrust_RSA_Certification_Authority.crt -keystore keystore

keytool -import -trustcacerts -alias AAA_Certificate_Services -file AAA_Certificate_Services.crt -keystore keystore

keytool -import -trustcacerts -alias idempiere -file erp__id.crt -keystore keystore

Then for renewal I use previous script.


Install SSL Certificate - iDempiere en



Carlos Antonio Ruiz Gomez

unread,
Jan 17, 2023, 1:24:15 PM1/17/23
to idem...@googlegroups.com
Our recommendation is to expose iDempiere through a proxy (for example
nginx or apache).

That way, you just need to install the certificate on the nginx/apache
side, iDempiere doesn't need it.

See:
https://wiki.idempiere.org/en/Proxy_iDempiere_Through_Nginx

Regards,

Carlos Ruiz



En 16/01/23 01:12, zuhri...@gmail.com escribió:
> --

zuhri...@gmail.com

unread,
Jan 18, 2023, 9:14:52 PM1/18/23
to iDempiere
ah, i think it's easier to install ssl on nginx/apache for my experience than using jetty. i'll try it.

thx Carlos for your response
Reply all
Reply to author
Forward
0 new messages