Noodle and SSL - Configuring an HTTPS Connection

Noodle can be used in conjunction with HTTPS to provide enhanced security for data whilst in transmission. Creating the certificate, having it validated, applying the certificate to the keystore and creating an HTTPS connection are described below.

Before Creating an HTTPS Connection

Before an HTTPS connection is created it is recommended to create a backup of the multiserver.conf file, located within the install directory, inside the enhydra/cfg directory.

Generating an X509 Certificate and Creating a Keystore

The first step in the process of using an HTTPS connection with Noodle is to create an X509 certificate using the Java keytool, usually located in your java/bin directory. The syntax for this command is as follows:

keytool -genkey -alias <name> -validity <number of days> -keyalg RSA -keystore <keystore file location>

There are 3 settings that need to be defined: the alias, the validity and the keystore file location. The alias is simply a reference for the certificate in the keystore file and, although not actually required, it is recommended.

Example:

keytool -genkey -alias noodlecert -validity 365 -keyalg RSA -keystore "C:/Program Files/Noodle/keystore.txt"

This example will create an X509 certificate with the alias noodlecert, valid for 365 days, in the location C:/Program Files/Noodle/keystore.txt.

Once this command has been entered, the keytool will ask some questions regarding your company. Enter information as follows:

  • Keystore Password: The first time you run this tool, it will create the keystore file protected by a password. You will need this password every time you access the keystore file.
  • First and Last name: MUST be exactly the same as your Noodle URL, for example companyintranet.company.com
  • Name of organizational unit: This is not the company name, but may be an internal department, for example Marketing Department
  • Name of your organization: Your company name, for example Vialect Inc
  • City or location: For example, Windsor
  • State or Province: For example, Ontario
  • 2-Letter Country code: For example, CA
  • Certificate password: This can be the same as the password for the keystore file

Creating a Certificate Request (.csr) file

Once the X509 certificate has been created, a Certificate Request file will need to be generated to validate your certificate. This file will be a .csr file and is created using the Java keytool. The syntax for this command is as follows:

keytool -certreq -sigalg SHA256withRSA -alias <name> -keystore <keystore location> -file <file location>

There are 3 settings in this command that should be defined. The <name> is the alias that was defined for this certificate when the X509 was created. The <keystore location> is the location of the keystore.txt file created in Step One. The <file location> is the full path and filename for the Certificate Request file when created. SHA256withRSA is used as the signature algorithm because MD5-based signatures are no longer considered secure. An example is as follows:

keytool -certreq -sigalg SHA256withRSA -alias noodlecert -keystore "C:/Program Files/Noodle/keystore.txt" -file "C:/Program Files/Noodle/noodlecert.csr"

This would create a Certificate Request file called noodlecert.csr in the C:/Program Files/Noodle directory, based on the noodlecert X509 certificate.

Signing the Certificate with an Authority (Thawte, VeriSign, GoDaddy, Network Solutions)

Once the certificate request has been created, it can be sent to a Certificate Authority (CA) to be signed. This process can take anything from an instant up to one business day. Once the CA has validated your credentials, they will email you a signature that can be applied to the keystore.

Applying the Certificate Signature to your Keystore

Once the authority has validated all of your Certificate information, they will return to you an archive normally containing three files: the CA root certificate, the server root certificate and the signature for the certificate created for Noodle, with the .crt extension. These files can then be used to import the signatures into the Keystore file created in Step One. The command for this is as follows:

keytool -import -alias <name> -trustcacerts -file <signature file> -keystore <keystore location>

The <name> for the Noodle signature will be the name of the alias created in Step One; the rest of the signatures can be given new aliases. The <signature file> is the location of the file received from the authority in the previous step. The <keystore location> is the full path and filename for the keystore file created in Step One. An example is as follows:

keytool -import -alias noodlecert -trustcacerts -file "C:/Program Files/noodlecert.crt" -keystore "C:/Program Files/Noodle/keystore.txt"

This will apply the signature in C:/Program Files/noodlecert.crt to the noodlecert certificate in the keystore at C:/Program Files/Noodle/keystore.txt, the keystore created in Step One.
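
The keystore steps above, run end to end without prompts, as an added example (not part of the original Noodle documentation). It assumes a JDK keytool on the PATH; the password, the directory argument and the throwaway "Demo Root CA" that stands in for the commercial CA are constructed for the demonstration, and the request is signed with SHA256withRSA and a 2048-bit key rather than MD5.

```shell
#!/bin/sh
# Added example: every name, password and the throwaway CA below are constructed.
PASS=demo-only-pass                      # constructed password, never reuse
HOST=companyintranet.company.com         # hostname used as the certificate CN
kt() { keytool -J-Duser.language=en "$@"; }   # English output for grep

# Create a throwaway CA, the server keystore, the CSR and the signed reply in $1.
make_reply() {
  kt -genkeypair -alias ca -keyalg RSA -keysize 2048 -sigalg SHA256withRSA \
     -validity 30 -dname "CN=Demo Root CA" -ext bc:c \
     -keystore "$1/ca.p12" -storepass "$PASS" -keypass "$PASS" &&
  kt -exportcert -rfc -alias ca -file "$1/ca.crt" \
     -keystore "$1/ca.p12" -storepass "$PASS" &&
  # Step One, non-interactive: -dname answers the prompts listed above.
  kt -genkeypair -alias noodlecert -keyalg RSA -keysize 2048 -validity 365 \
     -dname "CN=$HOST, OU=Marketing Department, O=Vialect Inc, L=Windsor, ST=Ontario, C=CA" \
     -keystore "$1/keystore.txt" -storepass "$PASS" -keypass "$PASS" &&
  kt -certreq -sigalg SHA256withRSA -alias noodlecert -file "$1/noodlecert.csr" \
     -keystore "$1/keystore.txt" -storepass "$PASS" &&
  # CA side: sign the request (the real CA does this for you).
  kt -gencert -alias ca -sigalg SHA256withRSA -validity 365 -rfc \
     -infile "$1/noodlecert.csr" -outfile "$1/noodlecert.crt" \
     -keystore "$1/ca.p12" -storepass "$PASS"
}

# Import the CA root under its own alias; must happen before import_reply.
import_root() {
  kt -importcert -alias caroot -trustcacerts -noprompt -file "$1/ca.crt" \
     -keystore "$1/keystore.txt" -storepass "$PASS"
}

# Import the signed reply under the alias that holds the private key.
import_reply() {
  kt -importcert -alias noodlecert -trustcacerts -noprompt \
     -file "$1/noodlecert.crt" -keystore "$1/keystore.txt" -storepass "$PASS"
}

# Show entry type and chain length; expect PrivateKeyEntry and length 2.
describe() {
  kt -list -v -alias noodlecert -keystore "$1/keystore.txt" -storepass "$PASS" |
    grep -E '^(Entry type|Certificate chain length):'
}
```

Call make_reply, import_root, import_reply and describe in that order on an empty directory. Calling import_reply before import_root fails because keytool cannot build a chain from the reply to a trusted root.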

Creating an HTTPS Connection using the Enhydra Console

Once the signature has been applied to the keystore, the final step is to create a new connection for Noodle that uses the HTTPS protocol.

The first step is to access the Enhydra console. This is located on the Noodle server on port 8001. Open a browser and type in either the URL or IP address followed by the port as follows:

http://192.168.0.101:8001
or
http://intranet.mycompany.com:8001

You will now be prompted for a username and password. These will have been configured during the installation process. Once the username and password have been entered correctly, the console itself will open up. Click on the intranet application and then the Connections tab as shown:

Using the Enhydra Console for configuring Noodle to work with HTTPS protocol

To begin creating a new connection for Noodle, click on the Create Connection button at the top-right of the connections section. This will open up a new window which will allow a new connection to be created. Click on the HTTPS radio button at the top of the window to expand the window to allow the new connection to be configured.

There are 3 settings to be altered:

  • Client Authentication - This field should be set to false
  • Key Store Location - The field should contain the path and filename for the keystore file created in Step One.
  • Password - The field should contain the password for the keystore file.

Once the connection has been completed, ensure the new HTTPS connection is enabled. Click the Save State button on the left-hand menu.

The new connection has now been completed and Noodle can now be accessed using the HTTPS protocol. The new URL for your Noodle will be almost identical, except now it will be preceded by HTTPS, instead of the old HTTP, as follows:

HTTPS://192.168.0.101
or
HTTPS://mycompany.intranet.com

Any existing HTTPS connections must be removed from the list of connections in the Enhydra console.


Noodle is a product of Vialect Inc