Secure Backend Connection

To enable SSL with your backend you need to add the certificates to your local JAVA keystore and change your connection string.

Zoom

NEXUSe2e Connect String

Switch to your NEXUSe2e Admin-GUI and edit the backendpipeline that connects to the specific backend you want to use SSL.

Change the protocol from http:// to https:// and edit the port to the secure port configured for your backend. In this case it is :443.

Please do not forget to also check your local firewall settings for this port, adjust the rule if needed.

Add Certificates to JAVA Keystore

If you run into trust issues you may need to add certificates to your JAVA keystore.

On Windows open a CMD and switch to the security folder of the JAVA your NEXUSe2e uses:

cd %JAVA_HOME%\jre\lib\security

If your NEXUSe2e installation uses another JAVA or is configured in your tomcat you need to substitute %JAVA_HOME% to fit your setup.

Now add the base64 encoded trustchain of your backend to your JAVA keystore. Normally constisting of a root, intermediate and public certificate.

If keytool is not added as a path variable you need to add the whole path, assumed are still in the security folder and are able to use the JAVA_HOME our command will looks like this:

 

"%JAVA_HOME%"\jre\bin\keytool -importcert -file c:\certificates\public.cer -keystore cacerts -alias "BackendPublic"

The keystore "cacerts" is your JAVA store in the security folder, accessed with the password "changeit". Repeat this for the other certificates in case you have not imported a keychain.