Configuring HTTPS Support

You can use the following steps on the client computer to configure Design with Solid Edge to work with an SSL server.


Before you begin: Open a browser with Administrator privileges:
  1. Using Internet Explorer, connect to the URL: https://<MCS Server full computer name>:<https port>/<ENOVIA application name>/emxLogin.jsp.
    A certificate error appears in the address bar.
  2. Click Continue to this website (not recommended).
  3. Click Certificate Error in the address bar and select View certificate in the certificate dialog. In the General tab click Install Certificate.
    The Certificate Import Wizard appears.
  4. Click Next and select the following:
    • Automatically select the certificate store based on the type of certificate.
    • Place all the certificate in the following store.
  5. Click Next and the details of the selected options appear. Click Finish.
    The import was successful message appears.
  6. Click Tools > Internet Options > Content tab in your browser.
  7. Click Certificates and select the Trusted Root Certification Authorities tab.
  8. Select the certificate issued to servername, that is issued by servername.

    Note: servername is the full computer name of the machine on which the application server, in which the MCS application is deployed, is running.

  9. Click Export.
  10. Click Next in the Certificate Export Wizard.
  11. Select the default option for "Export File Format" (DER encoded binary X.509 (.CER)) and click Next.
  12. Enter an appropriate file name and note down the full path, which is specified. For example, the full path can be C:\root.der.
  13. Click Next and click Finish.
  14. Close other dialogs and open the command prompt.

    Warning: On certain operating systems, because of the OS security, the command prompt has to be run as an Administrator. To run a command prompt as the Administrator, search for cmd.exe in <OS install drive>/Windows/system32 folder. Right-click cmd.exe and select Run as Administrator.

  15. Go to the <JAVA_HOME>/bin folder for this Java and then run the following command:

    keytool -list -keystore <JAVA_HOME>\lib\security\cacerts

    where <JAVA_HOME> is the home location of the latest compatible (with 3DEXPERIENCE server) and supported (as per Program Directory) Java update installed on your client computer.

  16. Enter the keystore password.

    Note: Contact your administrator for the keystore password.

    The following information is displayed along with a list of certificates:

    Keystore type: JKS

    Keystore provider: SUN

    Your keystore contains <x> entries.

  17. Import the certificate, which was exported in steps 6 to 13 using the following command:

    keytool -importcert -trustcacerts -v -file <FullPathOfCertificateFile> -alias <UniqueAliasName> -keystore <JAVA_HOME>\lib\security\cacerts

    where,

    FullPathOfCertificateFile is the full path of the file into which the certificate was exported in step 12. For example, C:\root.der.

  18. Enter the keystore password.
    Note: Contact your administrator for the keystore password.
    The information about the certificate is displayed in a confirmation message.
  19. Type Yes and press Enter.
    A success message is displayed.
  20. In <JAVA_HOME>/bin run the following command:

    keytool -list -keystore <JAVA_HOME>\lib\security\cacerts

  21. Enter the keystore password.
    Note: Contact your administrator for the keystore password.

    The following information is displayed along with a list of certificates.

    Keystore type: JKS

    Keystore provider: SUN

    Your keystore contains <x+1> entries

This message confirms that your private root certificate is added to the Extranet server cacerts keystore, as a trusted certificate authority.