How to Generate Self-Signed SSL Certificate

Posted by: Jean-Paul M

How to Generate Self-Signed SSL Certificate - 03/26/18 06:20 PM

Hi

We're using PlanetPress Watch (7.6.2.9999) to generate PDF documents by means of a web service call to the HTTP7 Soap server.

What are the steps for generating a self-signed certificate to enable SSL on the SOAP Server?

I've been trying to generate Certificates using both OpenSSL and Powershell's New-SelfSignedCertificate, but to no avail.

The PlanetPress services fail to start up after setting the SSL Cert. The message given is "W2013 : Error starting helper HTTP7: W1032 : The configuration file could not be loaded"

When I do get the services to start up, I'm presented to with the following error when accessing the service by means of HTTPS:

"Access violation at address 00404972 in module 'HTTPService.exe'. Read of address 0000010C"
Posted by: Philippe F.

Re: How to Generate Self-Signed SSL Certificate - 03/28/18 12:35 PM

I don't know which options you selected to generate your self-signed certificate, but here's what I usually do when I need one:

  • Go to http://www.selfsignedcertificate.com/
  • Specify localhost as your server name
  • Click Generate
  • Copy the two certificate files to a local folder. Make sure the folder can be accessed with the user credentials specified for your workflow services
  • In the Workflow Preferences, set both the Root Certificate and the Certificate fields to point to the .cert file you copied to your local folder. Set the Key field to point to the .key file
  • Don't specify anything in the Password field
  • Send to configuration to Workflow

I have just followed this procedure on my system and it works as expected.

If it still doesn't work for you, check if any other application or service is currently listening on port 443. You can do so by opening a command line window and typing:
Code:
netstat -ano | findstr /i ".*:443.*listening"


Also, you may want to check if your firewall is allowing applications to listen on port 443. By default, you shouldn't have to make any allowances for it, but perhaps your IT department disabled it.