{"type":"doc","content":[{"type":"paragraph","content":[{"text":"Running Voyager in HTTPS/SSL requires creating a Java keystore and server.dex files in the Voyager data/config folder. This is accomplished with the following high-level steps, which are described in more detail below.","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Create a Java keystore in ","type":"text"},{"text":"${voyager.data.dir}/config/","type":"text","marks":[{"type":"em"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Create a server.dex file in ","type":"text"},{"text":"${voyager.data.dir}/config/","type":"text","marks":[{"type":"em"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Change Voyager's base URL to HTTPS","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Change the URL of a reference base map to HTTPS","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Create a Java keystore","type":"text"}]},{"type":"paragraph","content":[{"text":"You can create a Java keystore with your own self-signed certificate or import existing PKCS#12, PFX or PEM certificates into the keystore. Choose from the steps below (1.1, 1.2 or 1.3) based on the type of certificate you are going to import.","type":"text"}]},{"type":"paragraph","content":[{"text":"Once you have imported the certificate into the Java keystore, copy the keystore file into the ","type":"text"},{"text":"${voyager.data.dir}/config/","type":"text","marks":[{"type":"em"}]},{"text":" directory.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Create a Java keystore with your own self-signed certificate","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"To create your own keystore with a self-signed certificate, enter the following command:","type":"text"}]},{"type":"paragraph","content":[{"text":"$ keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Import PKCS#12 and PFX certificates into a Java keystore","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"To import a PKCS#12 certificate into a Java keystore, enter the following command:","type":"text"}]},{"type":"paragraph","content":[{"text":"$ keytool -importkeystore -srckeystore -srcstoretype pkcs12 -keystore -storepass ","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"To import a PFX certificate into a Java keystore, enter the following command:","type":"text"},{"type":"hardBreak"},{"text":"$ keytool -importkeystore -srckeystore -srcstoretype pkcs12 -keystore -storepass ","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Import a PEM certificate into a Java keystore","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"First, export the PEM certificate and key into the PKCS#12 file using openssl (","type":"text"},{"text":"http://www.openssl.org/related/binaries.html","type":"text","marks":[{"type":"link","attrs":{"href":"http://www.openssl.org/related/binaries.html"}}]},{"text":"):","type":"text"},{"type":"hardBreak"},{"text":"$ openssl pkcs12 -inkey -in -export -out ","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Then import the PKCS#12 into the keystore by running:","type":"text"},{"type":"hardBreak"},{"text":"$ keytool -importkeystore -srckeystore -srcstoretype pkcs12 -keystore -storepass ","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Create a server.dex file","type":"text"}]},{"type":"paragraph","content":[{"text":"Create a server.dex file in ","type":"text"},{"text":"${voyager.data.dir}/config/","type":"text","marks":[{"type":"em"}]},{"text":" folder containing the following parameters (see the sample server.dex bellow):","type":"text"}]},{"type":"paragraph","content":[{"text":"ssl_port","type":"text","marks":[{"type":"code"}]},{"type":"hardBreak"},{"text":"ssl_key_store_path","type":"text","marks":[{"type":"em"}]},{"type":"hardBreak"},{"text":"ssl_key_store_password","type":"text","marks":[{"type":"em"}]},{"type":"hardBreak"},{"text":"ssl_key_manager_password","type":"text","marks":[{"type":"em"}]},{"type":"hardBreak"},{"text":"ssl_trust_store_path","type":"text","marks":[{"type":"em"}]},{"type":"hardBreak"},{"text":"ssl_trust_store_password","type":"text","marks":[{"type":"em"}]}]},{"type":"paragraph","content":[{"text":"You can use a sample server.dex file stored in ","type":"text"},{"text":"${voyager.install.dir}/app/util/ssl/server.dex","type":"text","marks":[{"type":"em"}]}]},{"type":"paragraph","content":[{"text":"Passwords in server.dex must be encoded. To encode passwords, run the following command from the ","type":"text"},{"text":"${voyager.install.dir}","type":"text","marks":[{"type":"em"}]},{"text":" folder. (Replace ","type":"text"},{"text":"jetty-util-xxx.jar ","type":"text","marks":[{"type":"em"}]},{"text":"with your current version, e.g. ","type":"text"},{"text":"jetty-util-9.2.13.v20150730.jar):","type":"text","marks":[{"type":"em"}]}]},{"type":"paragraph","content":[{"text":"“jre/bin/java.exe” -cp app/lib/jetty-util-xxx.jar org.eclipse.jetty.util.security.Password ","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"Sample server.dex","type":"text","marks":[{"type":"strong"}]}]},{"type":"paragraph","content":[{"text":"#if this exists, it will load SSL","type":"text","marks":[{"type":"code"}]},{"type":"hardBreak"},{"text":"ssl_port = 8443","type":"text","marks":[{"type":"code"}]},{"type":"hardBreak"},{"text":"# path is relative to ${config.dir}","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"ssl_key_store_path = keystore.jks","type":"text","marks":[{"type":"em"}]},{"type":"hardBreak"},{"text":"ssl_key_store_password = OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v","type":"text","marks":[{"type":"em"}]},{"type":"hardBreak"},{"text":"ssl_key_manager_password = OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v","type":"text","marks":[{"type":"em"}]},{"type":"hardBreak"},{"text":"ssl_trust_store_path = keystore.jks","type":"text","marks":[{"type":"em"}]},{"type":"hardBreak"},{"text":"ssl_trust_store_password = OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v","type":"text","marks":[{"type":"em"}]},{"text":" ","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Change Voyager's base URL to HTTPS","type":"text"}]},{"type":"paragraph","content":[{"text":"In the Voyager Manage UI go to ","type":"text"},{"text":"Manage > Settings > Appearance","type":"text","marks":[{"type":"strong"}]},{"text":" and click ","type":"text"},{"text":"Edit","type":"text","marks":[{"type":"strong"}]},{"text":" to change the Voyager URL to ","type":"text"},{"text":"HTTPS","type":"text","marks":[{"type":"strong"}]},{"text":", e.g. ","type":"text"},{"text":"https://my-voyager-server:8443/","type":"text","marks":[{"type":"strong"},{"type":"link","attrs":{"href":"https://my-voyager-server:8443/"}}]}]},{"type":"mediaSingle","attrs":{"layout":"center","width":50.0},"content":[{"type":"media","attrs":{"width":280,"id":"38da76b4-980c-494e-a2de-2d960d5f3311","collection":"contentId-2248736812","type":"file","height":168}}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Change the URL of the Referenced Base Map to HTTPS","type":"text"}]},{"type":"paragraph","content":[{"text":"In the Voyager Manage UI, go to ","type":"text"},{"text":"Manage > Settings > Mapping","type":"text","marks":[{"type":"strong"}]},{"text":" and change the map URL from ","type":"text"},{"text":"HTTP","type":"text","marks":[{"type":"strong"}]},{"text":" to ","type":"text"},{"text":"HTTPS","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center","width":83.0},"content":[{"type":"media","attrs":{"width":526,"id":"33e55d2d-aae8-4f9b-8b40-ab6840917950","collection":"contentId-2248736812","type":"file","height":296}}]},{"type":"paragraph"}],"version":1}

Browser not supported